CVE-2022-30270

Name of the Vulnerable Software and Affected Versions Motorola ACE1000 RTU through 2022-05-02

Description The issue concerns the use of default credentials for five preconfigured SSH accounts, including root, abuilder, acelogin, cappl, and ace. These accounts are used to control access to the SSH interface on port 22/TCP, which is utilized for remote maintenance and SFTP file-transfer operations. Although the documentation for the ACE1000 mentions the root, abuilder, and acelogin accounts and advises users to change the default credentials, the cappl and ace accounts remain undocumented, making it unlikely that their credentials will be changed. This could allow a remote attacker to gain unauthorized access to protected information.

Recommendations For Motorola ACE1000 RTU through 2022-05-02, consider changing the default credentials for all five preconfigured SSH accounts, including root, abuilder, acelogin, cappl, and ace, to prevent unauthorized access. As a temporary workaround, restrict access to the SSH interface on port 22/TCP to minimize the risk of exploitation. Additionally, review the ACE1000 documentation and ensure that all users are aware of the need to change the default credentials for all accounts, including the undocumented cappl and ace accounts.