CVE-2020-36982

CVE Database · CVE-2020-36982

CVE-2020-36982

· HIGHDeferred

CVSS v3.1

7.8

CVSS v4.0

8.5

EPSS

0.16%

Published

Jan 27, 2026

Modified

Apr 14, 2026

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Motorola Device Manager 2.5.4 contains an unquoted service path vulnerability in the MotoHelperService.exe service that allows local users to potentially inject malicious code. Attackers can exploit the unquoted path in the service configuration to execute arbitrary code with elevated system privileges during service startup.

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Weaknesses (CWE)

CWE-428

References (3)

https://motorola-device-manager.programas-gratis.net/gracias

https://www.exploit-db.com/exploits/49012

https://www.vulncheck.com/advisories/motorola-device-manager-motohelperserviceexe-unquoted-service-path

KEV Catalog EPSS Scores Vendors All CVEs