PT-2023-19196 · Motorola · Motorola Ebts/Mbts Base Radio

Midnight Blue

Publicado

2023-08-29

Atualizado

2023-08-31

CVE-2023-23773

CVSS v3.1

8.8

Alta

Vetor

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Motorola EBTS/MBTS Base Radio (affected versions not specified)

Description The Motorola MBTS Base Radio lacks cryptographic signature validation for firmware update packages, allowing an authenticated attacker to gain arbitrary code execution, extract secret key material, and/or leave a persistent implant on the device.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Verification of Cryptographic Signature

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-347

Identificadores relacionados

CVE-2023-23773

Produtos afetados

Motorola Ebts/Mbts Base Radio

PT-2023-19196 · Motorola · Motorola Ebts/Mbts Base Radio

CVE-2023-23773

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 8