PT-2019-12738 · Motorola · Motorola M2+1

Published

2019-05-23

Updated

2019-05-24

CVE-2019-12297

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Motorola routers CX2 version 1.01 Motorola routers M2 version 1.01

Description An issue was discovered in scopd, where there is a use of an externally controlled format string. This issue is reachable via TCP port 8010 or UDP port 8080.

Recommendations For Motorola routers CX2 version 1.01, restrict access to TCP port 8010 and UDP port 8080 to minimize the risk of exploitation. For Motorola routers M2 version 1.01, restrict access to TCP port 8010 and UDP port 8080 to minimize the risk of exploitation.

Exploit

Fix

Use of Externally-Controlled Format String

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-134

Related Identifiers

CVE-2019-12297

Affected Products

Motorola Cx2

Motorola M2

PT-2019-12738 · Motorola · Motorola M2+1

CVE-2019-12297

Weakness Enumeration

Related Identifiers

Affected Products

References · 3