CVE-2006-1365

Name of the Vulnerable Software and Affected Versions Motorola PEBL U6 Motorola V600 Motorola E398 and other Motorola phones (affected versions not specified)

Description The issue allows remote attackers to add their Bluetooth device to a target device's list of trusted devices, potentially obtaining AT level access to the target device. This is achieved by initiating and interrupting an OBEX Push Profile that pretends to send a vCard, also known as a "HeloMoto" attack.

Recommendations For Motorola PEBL U6, consider disabling Bluetooth functionality until a fix is available. For Motorola V600, restrict access to the device's trusted devices list to minimize the risk of exploitation. For Motorola E398 and other affected Motorola phones, avoid using the OBEX Push Profile feature until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.