CVE-2022-26941
Format string vulnerability in AT+CTGL command in Motorola MTM5000
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A format string vulnerability exists in Motorola MTM5000 series firmware AT command handler for the AT+CTGL command. An attacker-controllable string is improperly handled, allowing for a write-anything-anywhere scenario. This can be leveraged to obtain arbitrary code execution inside the teds_app binary, which runs with root privileges.
Existe una vulnerabilidad de cadena de formato en el controlador de comandos AT del firmware de la serie Motorola MTM5000 para el comando AT+CTGL. Una cadena controlable por un atacante se maneja incorrectamente, lo que permite un escenario en el que se puede escribir cualquier cosa en cualquier lugar. Esto se puede aprovechar para obtener la ejecución de código arbitrario dentro del binario teds_app, que se ejecuta con privilegios de root.
CVSS Scores
SSVC
- Decision:Track*
Timeline
- 2022-03-11 CVE Reserved
- 2023-10-19 CVE Published
- 2023-10-26 EPSS Updated
- 2024-09-12 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-134: Use of Externally-Controlled Format String
CAPEC
References (1)
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Motorola Search vendor "Motorola" | Mtm5500 Firmware Search vendor "Motorola" for product "Mtm5500 Firmware" | - | - |
Affected
| in | Motorola Search vendor "Motorola" | Mtm5500 Search vendor "Motorola" for product "Mtm5500" | - | - |
Safe
|
| Motorola Search vendor "Motorola" | Mtm5400 Firmware Search vendor "Motorola" for product "Mtm5400 Firmware" | - | - |
Affected
| in | Motorola Search vendor "Motorola" | Mtm5400 Search vendor "Motorola" for product "Mtm5400" | - | - |
Safe
|