CVE-2022-30276

The Motorola MOSCAD and ACE line of RTUs through 2022-05-02 omit an authentication requirement. They feature IP Gateway modules which allow for interfacing between Motorola Data Link Communication (MDLC) networks (potentially over a variety of serial, RF and/or Ethernet links) and TCP/IP networks. Communication with RTUs behind the gateway is done by means of the proprietary IPGW protocol (5001/TCP). This protocol does not have any authentication features, allowing any attacker capable of communicating with the port in question to invoke (a subset of) desired functionality.

CVSS v3 7.5 HIGH

7.5^/10

CVSS v3 : HIGH

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://www.cisa.gov/uscert/ics/advisories/icsa-22-179-04	Mitigation Third Party Advisory US Government Resource
https://www.forescout.com/blog/	Third Party Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:motorola:moscad_ip_gateway_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:motorola:moscad_ip_gateway:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:motorola:ace_ip_gateway_\(4600\)_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:motorola:ace_ip_gateway_\(4600\):-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2022-07-26 23:15

Updated : 2024-02-28 19:29

NVD link : CVE-2022-30276

Mitre link : CVE-2022-30276

CVE.ORG link : CVE-2022-30276

JSON object : View

Products Affected

motorola

moscad_ip_gateway_firmware
moscad_ip_gateway
ace_ip_gateway_\(4600\)_firmware
ace_ip_gateway_\(4600\)

CWE

CWE-306

Missing Authentication for Critical Function

{"id": "CVE-2022-30276", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2022-07-26T23:15:08.293", "references": [{"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-179-04", "tags": ["Mitigation", "Third Party Advisory", "US Government Resource"], "source": "cve@mitre.org"}, {"url": "https://www.forescout.com/blog/", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-306"}]}], "descriptions": [{"lang": "en", "value": "The Motorola MOSCAD and ACE line of RTUs through 2022-05-02 omit an authentication requirement. They feature IP Gateway modules which allow for interfacing between Motorola Data Link Communication (MDLC) networks (potentially over a variety of serial, RF and/or Ethernet links) and TCP/IP networks. Communication with RTUs behind the gateway is done by means of the proprietary IPGW protocol (5001/TCP). This protocol does not have any authentication features, allowing any attacker capable of communicating with the port in question to invoke (a subset of) desired functionality."}, {"lang": "es", "value": "Motorola MOSCAD and ACE line of RTUs versiones hasta 02-05-2022, omiten un requisito de autenticaci\u00f3n. Cuentan con m\u00f3dulos de puerta de enlace IP que permiten la interconexi\u00f3n entre las redes de Comunicaci\u00f3n de Enlace de Datos de Motorola (MDLC) (potencialmente a trav\u00e9s de una variedad de enlaces de serie, RF y/o Ethernet) y las redes TCP/IP. La comunicaci\u00f3n con las RTU detr\u00e1s de la pasarela es realizado mediante el protocolo propietario IPGW (5001/TCP). Este protocolo no presenta ninguna caracter\u00edstica de autenticaci\u00f3n, lo que permite a cualquier atacante capaz de comunicarse con el puerto en cuesti\u00f3n invocar (un subconjunto de) la funcionalidad deseada"}], "lastModified": "2024-02-13T16:25:57.067", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:motorola:moscad_ip_gateway_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "79643AEA-9B7F-4754-9F92-A18087BC23A9"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:motorola:moscad_ip_gateway:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2F6DB9D2-850C-4C18-866C-7B6FDDB102D0"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:motorola:ace_ip_gateway_\\(4600\\)_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1CB0DE72-62FB-4E23-85F6-68AF8D0A0DDA"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:motorola:ace_ip_gateway_\\(4600\\):-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "64ACF2EF-2AA2-4B33-A514-101A64CFEC8B"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}