Unconfigured memory protection modules in Motorola MTM5000
CVE-2022-27813

8.1HIGH

Key Information:

Vendor: Motorola
Status: Mobile Radio
Vendor: CVE Published:; 19 October 2023

What is CVE-2022-27813?

Motorola MTM5000 series firmware is affected by a significant memory protection vulnerability where the configuration of memory protection units between the OMAP-L138 ARM and DSP cores is incomplete. This oversight allows an adversary who gains control over one core to exploit shared RAM or DDR2 memory regions, ultimately leading to unauthorized code execution on the other core. Proper configuration of these protections is essential to maintaining the integrity and security of the system against potential breaches.

Affected Version(s)

Mobile Radio MTM5000

References

https://tetraburst.com/

CVSS V3.1

Score:

8.1

Severity:

HIGH

Confidentiality:

Low

Integrity:

High

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 19, 2023
Vulnerability Reserved
Mar 24, 2022

Credit

Midnight Blue