
CVSS: 7.2 • EPSS: 0% • CPEs: 2 • EXPL: 0

An improper input sanitization vulnerability in the Motorola MR2600 router could allow a local user with elevated permissions to execute arbitrary code. • https://help.motorolanetwork.com/hc/en-us/articles/8161908477595 • CWE-20: Improper Input Validation

CVSS: 5.5 • EPSS: 0% • CPEs: 2 • EXPL: 0

Improper access control of a bootloader function in the Motorola Mobility Motorola e20 prior to version RONS31.267-38-8 allows an attacker with local access to read partition or RAM data. • https://en-us.support.motorola.com/app/answers/detail/a_id/175333 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor

CVSS: 7.5 • EPSS: 0% • CPEs: 4 • EXPL: 0

The Motorola MOSCAD and ACE line of RTUs through 2022-05-02 omit an authentication requirement. They feature IP Gateway modules which allow for interfacing between Motorola Data Link Communication (MDLC) networks (potentially over a variety of serial, RF and/or Ethernet links) and TCP/IP networks. Communication with RTUs behind the gateway is done by means of the proprietary IPGW protocol (5001/TCP). This protocol does not have any authentication features, allowing any attacker capable of communicating with the port in question to invoke (a subset of) desired functionality. • https://www.cisa.gov/uscert/ics/advisories/icsa-22-179-04 https://www.forescout.com/blog • CWE-306: Missing Authentication for Critical Function

CVSS: 8.8 • EPSS: 0% • CPEs: 2 • EXPL: 0

Motorola ACE1000 RTUs through 2022-05-02 mishandle application integrity. They allow for custom application installation via either STS software, the C toolkit, or the ACE1000 Easy Configurator. In the case of the Easy Configurator, application images (as PLX/DAT/APP/CRC files) are uploaded via the Web UI. In the case of the C toolkit, they are transferred and installed using SFTP/SSH. In each case, application images were found to have no authentication (in the form of firmware signing) and only relied on insecure checksums for regular integrity checks. • https://www.cisa.gov/uscert/ics/advisories/icsa-22-179-06 https://www.forescout.com/blog • CWE-345: Insufficient Verification of Data Authenticity

CVSS: 9.8 • EPSS: 0% • CPEs: 2 • EXPL: 0

The Motorola ACE1000 RTU through 2022-05-02 has default credentials. It exposes an SSH interface on port 22/TCP. This interface is used for remote maintenance and for SFTP file-transfer operations that are part of engineering software functionality. Access to this interface is controlled by 5 preconfigured accounts (root, abuilder, acelogin, cappl, ace), all of which come with default credentials. Although the ACE1000 documentation mentions the root, abuilder and acelogin accounts and instructs users to change the default credentials, the cappl and ace accounts remain undocumented and thus are unlikely to have their credentials changed. • https://www.cisa.gov/uscert/ics/advisories/icsa-22-179-06 https://www.forescout.com/blog • CWE-287: Improper Authentication