The two affected Motorola models are the Moto G4 and Moto G5. The vulnerability (CVE-2016-10277) is the same one found by Aleph Research earlier this year and fixed by Google in May, impacting the Nexus 6 Motorola bootloader. Motorola said patches to fix the vulnerability in both devices are expected this month. Researchers were able to trigger the vulnerability on the Moto devices by abusing the Motorola boot loader download functionality in order to swap in their own malicious initramfs (initial RAM file system) at a known physical address.
Source: https://threatpost.com/motorola-moto-g4-g5-vulnerable-to-local-root-shell-attacks/126155/