Motorola MBTS Site Controller fails to check firmware update authenticity. The Motorola MBTS Site Controller lacks cryptographic signature validation for firmware update packages, allowing an authenticated attacker to gain arbitrary code execution, extract secret key material, and/or leave a persistent implant on the device.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://tetraburst.com/ |
History
Wed, 02 Oct 2024 14:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: NCSC-NL
Published: 2023-08-29T08:48:45.339Z
Updated: 2024-10-02T14:00:09.387Z
Reserved: 2023-01-17T22:51:43.265Z
Link: CVE-2023-23772
Vulnrichment
Updated: 2024-08-02T10:42:25.933Z
NVD
Status : Modified
Published: 2023-08-29T09:15:09.193
Modified: 2024-11-21T07:46:47.970
Link: CVE-2023-23772
Redhat
No data.