Motorola MBTS Site Controller fails to check firmware update authenticity. The Motorola MBTS Site Controller lacks cryptographic signature validation for firmware update packages, allowing an authenticated attacker to gain arbitrary code execution, extract secret key material, and/or leave a persistent implant on the device.
References
Link | Resource |
---|---|
https://tetraburst.com/ | Not Applicable |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: NCSC-NL
Published: 2023-08-29T08:48:45.339Z
Updated: 2023-08-29T08:48:45.339Z
Reserved: 2023-01-17T22:51:43.265Z
Link: CVE-2023-23772
JSON object: View
NVD Information
Status : Modified
Published: 2023-08-29T09:15:09.193
Modified: 2023-11-07T04:07:56.007
Link: CVE-2023-23772
JSON object: View
Redhat Information
No data.
CWE