CVE-2023-23773
Last modified
CVE-2023-23773 is a high-severity vulnerability rated 8.8/10 on the CVSS scale. Motorola EBTS/MBTS Base Radio fails to check firmware authenticity. The Motorola MBTS Base Radio lacks cryptographic signature validation for firmware update packages, allowing an authenticated attacker to gain arbitrary code execution, extract secret key material, and/or leave a persistent implant on the device.. EPSS estimates a 0.42% chance of exploitation in the next 30 days.
Description
Motorola EBTS/MBTS Base Radio fails to check firmware authenticity. The Motorola MBTS Base Radio lacks cryptographic signature validation for firmware update packages, allowing an authenticated attacker to gain arbitrary code execution, extract secret key material, and/or leave a persistent implant on the device.
Metrics
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Motorola | Ebts Base Radio Firmware | r05.x2.57 |
| Motorola | Mbts Base Radio Firmware | r05.x2.57 |
References
- https://tetraburst.com/Not Applicable
- https://tetraburst.com/Not Applicable
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2023-23773?
How severe is CVE-2023-23773?
How do I fix CVE-2023-23773?
Are you affected by CVE-2023-23773?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST