Search criteria
4 vulnerabilities found for EBTS/MBTS Base Radio by Motorola
CVE-2023-23774 (GCVE-0-2023-23774)
Vulnerability from cvelistv5 – Published: 2023-08-29 08:49 – Updated: 2024-10-03 13:52
VLAI?
Summary
Motorola EBTS/MBTS Site Controller drops to debug prompt on unhandled exception. The Motorola MBTS Site Controller exposes a debug prompt on the device's serial port in case of an unhandled exception. This allows an attacker with physical access that is able to trigger such an exception to extract secret key material and/or gain arbitrary code execution on the device.
Severity ?
CWE
- CWE-248 - An exception is thrown from a function, but it is not caught
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Motorola | EBTS/MBTS Base Radio |
Affected:
R05.x2.57
|
Credits
Midnight Blue
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:42:25.878Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "TETRA:BURST",
"tags": [
"related",
"x_transferred"
],
"url": "https://tetraburst.com/"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:motorola:ebts_mbts_base_radio:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ebts_mbts_base_radio",
"vendor": "motorola",
"versions": [
{
"status": "affected",
"version": "r05.x2.57"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-23774",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-01T20:36:25.719546Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-01T20:38:30.486Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "EBTS/MBTS Base Radio",
"vendor": "Motorola",
"versions": [
{
"status": "affected",
"version": "R05.x2.57"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Midnight Blue"
}
],
"descriptions": [
{
"lang": "en",
"value": "Motorola EBTS/MBTS Site Controller drops to debug prompt on unhandled exception. The Motorola MBTS Site Controller exposes a debug prompt on the device\u0027s serial port in case of an unhandled exception. This allows an attacker with physical access that is able to trigger such an exception to extract secret key material and/or gain arbitrary code execution on the device."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H/RL:U/RC:C/CR:H/IR:H/AR:M/MAV:L/MAC:L/MPR:N/MUI:N/MS:U/MC:H/MI:H/MA:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-248",
"description": "An exception is thrown from a function, but it is not caught",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-03T13:52:17.494Z",
"orgId": "cf4a7ff5-dd38-4ede-a530-ffaa7ea59c39",
"shortName": "NCSC-NL"
},
"references": [
{
"name": "TETRA:BURST",
"tags": [
"related"
],
"url": "https://tetraburst.com/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cf4a7ff5-dd38-4ede-a530-ffaa7ea59c39",
"assignerShortName": "NCSC-NL",
"cveId": "CVE-2023-23774",
"datePublished": "2023-08-29T08:49:32.508Z",
"dateReserved": "2023-01-17T22:51:43.265Z",
"dateUpdated": "2024-10-03T13:52:17.494Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-23773 (GCVE-0-2023-23773)
Vulnerability from cvelistv5 – Published: 2023-08-29 08:49 – Updated: 2024-10-01 20:39
VLAI?
Summary
Motorola EBTS/MBTS Base Radio fails to check firmware authenticity. The Motorola MBTS Base Radio lacks cryptographic signature validation for firmware update packages, allowing an authenticated attacker to gain arbitrary code execution, extract secret key material, and/or leave a persistent implant on the device.
Severity ?
CWE
- CWE-347 - Improper Verification of Cryptographic Signature
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Motorola | EBTS/MBTS Base Radio |
Affected:
R05.x2.57
|
Credits
Midnight Blue
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:42:25.883Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "TETRA:BURST",
"tags": [
"related",
"x_transferred"
],
"url": "https://tetraburst.com/"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:motorola:ebts_mbts_base_radio:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ebts_mbts_base_radio",
"vendor": "motorola",
"versions": [
{
"status": "affected",
"version": "r05.x2.57"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-23773",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-01T20:39:07.414372Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-01T20:39:57.051Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "EBTS/MBTS Base Radio",
"vendor": "Motorola",
"versions": [
{
"status": "affected",
"version": "R05.x2.57"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Midnight Blue"
}
],
"descriptions": [
{
"lang": "en",
"value": "Motorola EBTS/MBTS Base Radio fails to check firmware authenticity. The Motorola MBTS Base Radio lacks cryptographic signature validation for firmware update packages, allowing an authenticated attacker to gain arbitrary code execution, extract secret key material, and/or leave a persistent implant on the device."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:H/RL:U/RC:C/CR:H/IR:H/AR:M/MAV:N/MAC:L/MPR:H/MUI:N/MS:U/MC:H/MI:H/MA:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-347",
"description": "Improper Verification of Cryptographic Signature",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-29T08:49:00.979Z",
"orgId": "cf4a7ff5-dd38-4ede-a530-ffaa7ea59c39",
"shortName": "NCSC-NL"
},
"references": [
{
"name": "TETRA:BURST",
"tags": [
"related"
],
"url": "https://tetraburst.com/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cf4a7ff5-dd38-4ede-a530-ffaa7ea59c39",
"assignerShortName": "NCSC-NL",
"cveId": "CVE-2023-23773",
"datePublished": "2023-08-29T08:49:00.979Z",
"dateReserved": "2023-01-17T22:51:43.265Z",
"dateUpdated": "2024-10-01T20:39:57.051Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-23774 (GCVE-0-2023-23774)
Vulnerability from nvd – Published: 2023-08-29 08:49 – Updated: 2024-10-03 13:52
VLAI?
Summary
Motorola EBTS/MBTS Site Controller drops to debug prompt on unhandled exception. The Motorola MBTS Site Controller exposes a debug prompt on the device's serial port in case of an unhandled exception. This allows an attacker with physical access that is able to trigger such an exception to extract secret key material and/or gain arbitrary code execution on the device.
Severity ?
CWE
- CWE-248 - An exception is thrown from a function, but it is not caught
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Motorola | EBTS/MBTS Base Radio |
Affected:
R05.x2.57
|
Credits
Midnight Blue
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:42:25.878Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "TETRA:BURST",
"tags": [
"related",
"x_transferred"
],
"url": "https://tetraburst.com/"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:motorola:ebts_mbts_base_radio:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ebts_mbts_base_radio",
"vendor": "motorola",
"versions": [
{
"status": "affected",
"version": "r05.x2.57"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-23774",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-01T20:36:25.719546Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-01T20:38:30.486Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "EBTS/MBTS Base Radio",
"vendor": "Motorola",
"versions": [
{
"status": "affected",
"version": "R05.x2.57"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Midnight Blue"
}
],
"descriptions": [
{
"lang": "en",
"value": "Motorola EBTS/MBTS Site Controller drops to debug prompt on unhandled exception. The Motorola MBTS Site Controller exposes a debug prompt on the device\u0027s serial port in case of an unhandled exception. This allows an attacker with physical access that is able to trigger such an exception to extract secret key material and/or gain arbitrary code execution on the device."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H/RL:U/RC:C/CR:H/IR:H/AR:M/MAV:L/MAC:L/MPR:N/MUI:N/MS:U/MC:H/MI:H/MA:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-248",
"description": "An exception is thrown from a function, but it is not caught",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-03T13:52:17.494Z",
"orgId": "cf4a7ff5-dd38-4ede-a530-ffaa7ea59c39",
"shortName": "NCSC-NL"
},
"references": [
{
"name": "TETRA:BURST",
"tags": [
"related"
],
"url": "https://tetraburst.com/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cf4a7ff5-dd38-4ede-a530-ffaa7ea59c39",
"assignerShortName": "NCSC-NL",
"cveId": "CVE-2023-23774",
"datePublished": "2023-08-29T08:49:32.508Z",
"dateReserved": "2023-01-17T22:51:43.265Z",
"dateUpdated": "2024-10-03T13:52:17.494Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-23773 (GCVE-0-2023-23773)
Vulnerability from nvd – Published: 2023-08-29 08:49 – Updated: 2024-10-01 20:39
VLAI?
Summary
Motorola EBTS/MBTS Base Radio fails to check firmware authenticity. The Motorola MBTS Base Radio lacks cryptographic signature validation for firmware update packages, allowing an authenticated attacker to gain arbitrary code execution, extract secret key material, and/or leave a persistent implant on the device.
Severity ?
CWE
- CWE-347 - Improper Verification of Cryptographic Signature
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Motorola | EBTS/MBTS Base Radio |
Affected:
R05.x2.57
|
Credits
Midnight Blue
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:42:25.883Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "TETRA:BURST",
"tags": [
"related",
"x_transferred"
],
"url": "https://tetraburst.com/"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:motorola:ebts_mbts_base_radio:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ebts_mbts_base_radio",
"vendor": "motorola",
"versions": [
{
"status": "affected",
"version": "r05.x2.57"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-23773",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-01T20:39:07.414372Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-01T20:39:57.051Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "EBTS/MBTS Base Radio",
"vendor": "Motorola",
"versions": [
{
"status": "affected",
"version": "R05.x2.57"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Midnight Blue"
}
],
"descriptions": [
{
"lang": "en",
"value": "Motorola EBTS/MBTS Base Radio fails to check firmware authenticity. The Motorola MBTS Base Radio lacks cryptographic signature validation for firmware update packages, allowing an authenticated attacker to gain arbitrary code execution, extract secret key material, and/or leave a persistent implant on the device."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:H/RL:U/RC:C/CR:H/IR:H/AR:M/MAV:N/MAC:L/MPR:H/MUI:N/MS:U/MC:H/MI:H/MA:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-347",
"description": "Improper Verification of Cryptographic Signature",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-29T08:49:00.979Z",
"orgId": "cf4a7ff5-dd38-4ede-a530-ffaa7ea59c39",
"shortName": "NCSC-NL"
},
"references": [
{
"name": "TETRA:BURST",
"tags": [
"related"
],
"url": "https://tetraburst.com/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cf4a7ff5-dd38-4ede-a530-ffaa7ea59c39",
"assignerShortName": "NCSC-NL",
"cveId": "CVE-2023-23773",
"datePublished": "2023-08-29T08:49:00.979Z",
"dateReserved": "2023-01-17T22:51:43.265Z",
"dateUpdated": "2024-10-01T20:39:57.051Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}