The Motorola MBP853 firmware does not correctly validate server certificates. This allows for a Man in The Middle (MiTM) attack to take place between a Motorola MBP853 camera and the servers it communicates with. In one such instance, it was identified that the device was downloading what appeared to be a client certificate.
References
Link | Resource |
---|---|
https://blog.sean-wright.com/cve-2018-12499/ | Third Party Advisory |
https://blog.sean-wright.com/cve-2018-12499/ | Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
21 Nov 2024, 03:45
Type | Values Removed | Values Added |
---|---|---|
References | () https://blog.sean-wright.com/cve-2018-12499/ - Third Party Advisory |
Information
Published : 2018-07-02 16:29
Updated : 2024-11-21 03:45
NVD link : CVE-2018-12499
Mitre link : CVE-2018-12499
CVE.ORG link : CVE-2018-12499
JSON object : View
Products Affected
motorola
- mbp853
- mbp853_firmware
CWE
CWE-295
Improper Certificate Validation