Firmware Authenticity Vulnerability in Motorola MBTS Base Radio
CVE-2023-23773

7.2HIGH

Key Information:

Vendor
Motorola
Status
Ebts/mbts Base Radio
Vendor
CVE Published:
29 August 2023

Summary

The Motorola MBTS Base Radio lacks essential cryptographic signature validation for firmware updates, creating a potential entry point for attackers. By exploiting this weakness, an authenticated attacker can execute arbitrary code, extract sensitive key materials, and even establish a persistent presence on the affected device. This vulnerability underscores the importance of robust firmware authenticity checks in maintaining the integrity of critical communication infrastructure.

Affected Version(s)

EBTS/MBTS Base Radio R05.x2.57

References

https://tetraburst.com/
related

CVSS V3.1

Score:
7.2
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Midnight Blue
.
CVE-2023-23773 : Firmware Authenticity Vulnerability in Motorola MBTS Base Radio | SecurityVulnerability.io