A hard-coded AES key vulnerability was reported in the Motorola GuideMe application, along with a lack of URI sanitation, could allow for a local attacker to read arbitrary files.
Credits
Sergey Toshin and Illia Khorolskyi of Oversecured (ovesecured.com)
