CVE-2023-23772
CVSS 3.1 Score 8.8 of 10 (high)
Details
Published Aug 29, 2023
Updated: Nov 7, 2023
CWE ID 347
Summary
CVE-2023-23772 is a vulnerability affecting Motorola MBTS Site Controllers. The issue arises from the controller's failure to verify the authenticity of firmware update packages. An attacker with authorized access can exploit this vulnerability by providing a malicious update, leading to arbitrary code execution. This could potentially result in the extraction of secret key material or the installation of a persistent implant on the device.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Vendors
- Motorola, Inc.