CVE-2022-30274

{"id": "CVE-2022-30274", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2022-07-26T23:15:08.253", "references": [{"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-179-06", "tags": ["Mitigation", "Third Party Advisory", "US Government Resource"], "source": "cve@mitre.org"}, {"url": "https://www.forescout.com/blog/", "tags": ["Not Applicable"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-798"}]}], "descriptions": [{"lang": "en", "value": "The Motorola ACE1000 RTU through 2022-05-02 uses ECB encryption unsafely. It can communicate with an XRT LAN-to-radio gateway by means of an embedded client. Credentials for accessing this gateway are stored after being encrypted with the Tiny Encryption Algorithm (TEA) in ECB mode using a hardcoded key. Similarly, the ACE1000 RTU can route MDLC traffic over Extended Command and Management Protocol (XCMP) and Network Layer (XNL) networks via the MDLC driver. Authentication to the XNL port is protected by TEA in ECB mode using a hardcoded key."}, {"lang": "es", "value": "Motorola ACE1000 RTU versiones hasta 02-05-2022, usa el cifrado ECB de forma no segura. Puede comunicarse con una pasarela XRT de LAN a radio por medio de un cliente integrado. Las credenciales para acceder a esta pasarela son almacenadas despu\u00e9s de ser encriptadas con el algoritmo de encriptaci\u00f3n Tiny (TEA) en modo ECB usando una clave embebida. Del mismo modo, la RTU ACE1000 puede rutar el tr\u00e1fico MDLC a trav\u00e9s de las redes Extended Command and Management Protocol (XCMP) y Network Layer (XNL) por medio del controlador MDLC. La autenticaci\u00f3n al puerto XNL est\u00e1 protegida por TEA en modo ECB usando una clave embebida"}], "lastModified": "2022-08-02T19:26:58.617", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:motorola:ace1000_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D94120E5-38DE-44EF-B1D6-C418DC816D25"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:motorola:ace1000:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D16356CC-9056-4675-8DBE-EF395A5529E8"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}