Filtered by vendor Motorola
Subscribe
Total
95 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-23626 | 1 Motorola | 2 Mr2600, Mr2600 Firmware | 2024-02-28 | 7.7 HIGH | 8.8 HIGH |
| A command injection vulnerability exists in the ‘SaveSysLogParams’ parameter of the Motorola MR2600. A remote attacker can exploit this vulnerability to achieve command execution. Authentication is required, however can be bypassed. | |||||
| CVE-2024-23627 | 1 Motorola | 2 Mr2600, Mr2600 Firmware | 2024-02-28 | 7.7 HIGH | 8.8 HIGH |
| A command injection vulnerability exists in the 'SaveStaticRouteIPv4Params' parameter of the Motorola MR2600. A remote attacker can exploit this vulnerability to achieve command execution. Authentication is required, however can be bypassed. | |||||
| CVE-2024-23630 | 1 Motorola | 2 Mr2600, Mr2600 Firmware | 2024-02-28 | 7.7 HIGH | 8.8 HIGH |
| An arbitrary firmware upload vulnerability exists in the Motorola MR2600. An attacker can exploit this vulnerability to achieve code execution on the device. Authentication is required, however can be bypassed. | |||||
| CVE-2022-26941 | 1 Motorola | 4 Mtm5400, Mtm5400 Firmware, Mtm5500 and 1 more | 2024-02-28 | N/A | 8.8 HIGH |
| A format string vulnerability exists in Motorola MTM5000 series firmware AT command handler for the AT+CTGL command. An attacker-controllable string is improperly handled, allowing for a write-anything-anywhere scenario. This can be leveraged to obtain arbitrary code execution inside the teds_app binary, which runs with root privileges. | |||||
| CVE-2022-26943 | 1 Motorola | 4 Mtm5400, Mtm5400 Firmware, Mtm5500 and 1 more | 2024-02-28 | N/A | 8.8 HIGH |
| The Motorola MTM5000 series firmwares generate TETRA authentication challenges using a PRNG using a tick count register as its sole entropy source. Low boottime entropy and limited re-seeding of the pool renders the authentication challenge vulnerable to two attacks. First, due to the limited boottime pool entropy, an adversary can derive the contents of the entropy pool by an exhaustive search of possible values, based on an observed authentication challenge. Second, an adversary can use knowledge of the entropy pool to predict authentication challenges. As such, the unit is vulnerable to CVE-2022-24400. | |||||
| CVE-2023-23772 | 1 Motorola | 2 Mbts Site Controller, Mbts Site Controller Firmware | 2024-02-28 | N/A | 8.8 HIGH |
| Motorola MBTS Site Controller fails to check firmware update authenticity. The Motorola MBTS Site Controller lacks cryptographic signature validation for firmware update packages, allowing an authenticated attacker to gain arbitrary code execution, extract secret key material, and/or leave a persistent implant on the device. | |||||
| CVE-2022-27813 | 1 Motorola | 4 Mtm5400, Mtm5400 Firmware, Mtm5500 and 1 more | 2024-02-28 | N/A | 8.2 HIGH |
| Motorola MTM5000 series firmwares lack properly configured memory protection of pages shared between the OMAP-L138 ARM and DSP cores. The SoC provides two memory protection units, MPU1 and MPU2, to enforce the trust boundary between the two cores. Since both units are left unconfigured by the firmwares, an adversary with control over either core can trivially gain code execution on the other, by overwriting code located in shared RAM or DDR2 memory regions. | |||||
| CVE-2022-3681 | 1 Motorola | 1 Mr2600 | 2024-02-28 | N/A | 6.5 MEDIUM |
| A vulnerability has been identified in the MR2600 router v1.0.18 and earlier that could allow an attacker within range of the wireless network to successfully brute force the WPS pin, potentially allowing them unauthorized access to a wireless network. | |||||
| CVE-2023-23773 | 1 Motorola | 4 Ebts Base Radio, Ebts Base Radio Firmware, Mbts Base Radio and 1 more | 2024-02-28 | N/A | 8.8 HIGH |
| Motorola EBTS/MBTS Base Radio fails to check firmware authenticity. The Motorola MBTS Base Radio lacks cryptographic signature validation for firmware update packages, allowing an authenticated attacker to gain arbitrary code execution, extract secret key material, and/or leave a persistent implant on the device. | |||||
| CVE-2022-3407 | 1 Motorola | 1 Smartphone Firmware | 2024-02-28 | N/A | 4.3 MEDIUM |
| I some cases, when the device is USB-tethered to a host PC, and the device is sharing its mobile network connection with the host PC, if the user originates a call on the device, then the device's modem may reset and cause the phone call to not succeed. This may block the user from dialing emergency services. This patch resolves the device's modem reset issue. | |||||
| CVE-2023-23770 | 1 Motorola | 2 Mbts Site Controller, Mbts Site Controller Firmware | 2024-02-28 | N/A | 9.8 CRITICAL |
| Motorola MBTS Site Controller accepts hard-coded backdoor password. The Motorola MBTS Site Controller Man Machine Interface (MMI), allowing for service technicians to diagnose and configure the device, accepts a hard-coded backdoor password that cannot be changed or disabled. | |||||
| CVE-2023-23771 | 1 Motorola | 2 Mbts Base Radio, Mbts Base Radio Firmware | 2024-02-28 | N/A | 8.4 HIGH |
| Motorola MBTS Base Radio accepts hard-coded backdoor password. The Motorola MBTS Base Radio Man Machine Interface (MMI), allowing for service technicians to diagnose and configure the device, accepts a hard-coded backdoor password that cannot be changed or disabled. | |||||
| CVE-2022-26942 | 1 Motorola | 4 Mtm5400, Mtm5400 Firmware, Mtm5500 and 1 more | 2024-02-28 | N/A | 8.2 HIGH |
| The Motorola MTM5000 series firmwares lack pointer validation on arguments passed to trusted execution environment (TEE) modules. Two modules are used, one responsible for KVL key management and the other for TETRA cryptographic functionality. In both modules, an adversary with non-secure supervisor level code execution can exploit the issue in order to gain secure supervisor code execution within the TEE. This constitutes a full break of the TEE module, exposing the device key as well as any TETRA cryptographic keys and the confidential TETRA cryptographic primitives. | |||||
| CVE-2023-31531 | 1 Motorola | 2 Cx2l, Cx2l Firmware | 2024-02-28 | N/A | 8.8 HIGH |
| Motorola CX2L Router 1.0.1 was discovered to contain a command injection vulnerability via the tomography_ping_number parameter. | |||||
| CVE-2023-31528 | 1 Motorola | 2 Cx2l, Cx2l Firmware | 2024-02-28 | N/A | 8.8 HIGH |
| Motorola CX2L Router 1.0.1 was discovered to contain a command injection vulnerability via the staticroute_list parameter. | |||||
| CVE-2023-31530 | 1 Motorola | 2 Cx2l, Cx2l Firmware | 2024-02-28 | N/A | 8.8 HIGH |
| Motorola CX2L Router 1.0.1 was discovered to contain a command injection vulnerability via the smartqos_priority_devices parameter. | |||||
| CVE-2023-31529 | 1 Motorola | 2 Cx2l, Cx2l Firmware | 2024-02-28 | N/A | 8.8 HIGH |
| Motorola CX2L Router 1.0.1 was discovered to contain a command injection vulnerability via the system_time_timezone parameter. | |||||
| CVE-2022-3917 | 1 Motorola | 2 Moto E20, Moto E20 Firmware | 2024-02-28 | N/A | 5.5 MEDIUM |
| Improper access control of bootloader function was discovered in Motorola Mobility Motorola e20 prior to version RONS31.267-38-8 allows attacker with local access to read partition or RAM data. | |||||
| CVE-2022-34885 | 1 Motorola | 2 Mr2600, Mr2600 Firmware | 2024-02-28 | N/A | 6.7 MEDIUM |
| An improper input sanitization vulnerability in the Motorola MR2600 router could allow a local user with elevated permissions to execute arbitrary code. | |||||
| CVE-2022-30269 | 1 Motorola | 2 Ace1000, Ace1000 Firmware | 2024-02-28 | N/A | 8.8 HIGH |
| Motorola ACE1000 RTUs through 2022-05-02 mishandle application integrity. They allow for custom application installation via either STS software, the C toolkit, or the ACE1000 Easy Configurator. In the case of the Easy Configurator, application images (as PLX/DAT/APP/CRC files) are uploaded via the Web UI. In case of the C toolkit, they are transferred and installed using SFTP/SSH. In each case, application images were found to have no authentication (in the form of firmware signing) and only relied on insecure checksums for regular integrity checks. | |||||