Motorola MBTS Site Controller fails to check firmware update authenticity. The Motorola MBTS Site Controller lacks cryptographic signature validation for firmware update packages, allowing an authenticated attacker to gain arbitrary code execution, extract secret key material, and/or leave a persistent implant on the device.
References
Link Providers
https://tetraburst.com/ cve-icon cve-icon
History

Wed, 02 Oct 2024 14:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: NCSC-NL

Published: 2023-08-29T08:48:45.339Z

Updated: 2024-10-02T14:00:09.387Z

Reserved: 2023-01-17T22:51:43.265Z

Link: CVE-2023-23772

cve-icon Vulnrichment

Updated: 2024-08-02T10:42:25.933Z

cve-icon NVD

Status : Modified

Published: 2023-08-29T09:15:09.193

Modified: 2024-11-21T07:46:47.970

Link: CVE-2023-23772

cve-icon Redhat

No data.