CVE-2023-23773

EPSS 0.03%
Published 29.08.2023 09:15:09
Last modified 21.11.2024 07:46:48
Source cert@ncsc.nl
Teams watchlist Login
Open Login

Motorola EBTS/MBTS Base Radio fails to check firmware authenticity. The Motorola MBTS Base Radio lacks cryptographic signature validation for firmware update packages, allowing an authenticated attacker to gain arbitrary code execution, extract secret key material, and/or leave a persistent implant on the device.

Affected products Warnungen 0 Metrics 3 CWE 1 References 4

Data is provided by the National Vulnerability Database (NVD)

Motorola ≫ Ebts Base Radio Firmware Versionr05.x2.57

Motorola ≫ Ebts Base Radio Version-

Motorola ≫ Mbts Base Radio Firmware Versionr05.x2.57

Motorola ≫ Mbts Base Radio Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.03%	0.065

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	8.8	2.8	5.9	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
cert@ncsc.nl	7.2	1.2	5.9	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CWE-347 Improper Verification of Cryptographic Signature

The product does not verify, or incorrectly verifies, the cryptographic signature for data.

https://tetraburst.com/

Not Applicable

https://nvd.nist.gov/vuln/detail/CVE-2023-23773

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-23773

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-23773

EUVD