Motorola EBTS/MBTS Base Radio fails to check firmware authenticity. The Motorola MBTS Base Radio lacks cryptographic signature validation for firmware update packages, allowing an authenticated attacker to gain arbitrary code execution, extract secret key material, and/or leave a persistent implant on the device.
References
Link | Resource |
---|---|
https://tetraburst.com/ | Not Applicable |
Configurations
History
31 Aug 2023, 00:24
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://tetraburst.com/ - Not Applicable | |
CPE | cpe:2.3:h:motorola:mbts_base_radio:-:*:*:*:*:*:*:* cpe:2.3:o:motorola:ebts_base_radio_firmware:r05.x2.57:*:*:*:*:*:*:* cpe:2.3:h:motorola:ebts_base_radio:-:*:*:*:*:*:*:* cpe:2.3:o:motorola:mbts_base_radio_firmware:r05.x2.57:*:*:*:*:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.8 |
First Time |
Motorola mbts Base Radio Firmware
Motorola Motorola ebts Base Radio Motorola ebts Base Radio Firmware Motorola mbts Base Radio |
|
CWE | CWE-347 |
29 Aug 2023, 09:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-08-29 09:15
Updated : 2023-12-10 15:14
NVD link : CVE-2023-23773
Mitre link : CVE-2023-23773
CVE.ORG link : CVE-2023-23773
JSON object : View
Products Affected
motorola
- mbts_base_radio
- mbts_base_radio_firmware
- ebts_base_radio_firmware
- ebts_base_radio
CWE
CWE-347
Improper Verification of Cryptographic Signature