CVE-2022-30269

Severity Score

8.8

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

Motorola ACE1000 RTUs through 2022-05-02 mishandle application integrity. They allow for custom application installation via either STS software, the C toolkit, or the ACE1000 Easy Configurator. In the case of the Easy Configurator, application images (as PLX/DAT/APP/CRC files) are uploaded via the Web UI. In case of the C toolkit, they are transferred and installed using SFTP/SSH. In each case, application images were found to have no authentication (in the form of firmware signing) and only relied on insecure checksums for regular integrity checks.

Motorola ACE1000 RTUs versiones hasta 02-05-2022, manejan inapropiadamente la integridad de las aplicaciones. Permiten la instalación de aplicaciones personalizadas por medio del software STS, el kit de herramientas C o el ACE1000 Easy Configurator. En el caso del Easy Configurator, las imágenes de las aplicaciones (como archivos PLX/DAT/APP/CRC) son cargadas por medio de la Interfaz de Usuario Web. En el caso del kit de herramientas C, son transferidas e instaladas mediante SFTP/SSH. En cada caso, las imágenes de la aplicación no tenían autenticación (en forma de firma de firmware) y sólo eran basadas en sumas de comprobación no seguras para las comprobaciones de integridad periódicas

*Credits: N/A

CVSS Scores

NISTv3.1 8.8

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2022-05-04 CVE Reserved
2022-07-26 CVE Published
2024-02-16 EPSS Updated
2024-08-03 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-345: Insufficient Verification of Data Authenticity

CAPEC

References (2)

URL	Tag	Source
https://www.cisa.gov/uscert/ics/advisories/icsa-22-179-06	Mitigation
https://www.forescout.com/blog	Not Applicable

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Motorola Search vendor "Motorola"	Ace1000 Firmware Search vendor "Motorola" for product "Ace1000 Firmware"	-	-	Affected	in	Motorola Search vendor "Motorola"	Ace1000 Search vendor "Motorola" for product "Ace1000"	-	-	Safe