CVE-2023-23772
CVSS V2 None
CVSS V3 None
Description
Motorola MBTS Site Controller fails to check firmware update authenticity. The Motorola MBTS Site Controller lacks cryptographic signature validation for firmware update packages, allowing an authenticated attacker to gain arbitrary code execution, extract secret key material, and/or leave a persistent implant on the device.
Overview
- CVE ID
- CVE-2023-23772
- Assigner
- NCSC-NL
- Vulnerability Status
- PUBLISHED
- Published Version
- 2023-08-29T08:48:45.339Z
- Last Modified Date
- 2023-08-29T08:48:45.339Z
Weakness Enumerations
References
| Reference URL | Reference Tags |
|---|---|
| https://tetraburst.com/ | related |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2023-23772 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23772 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2024-06-25 08:51:12 | Added to TrackCVE |