Firmware Authenticity Vulnerability in Motorola MBTS Base Radio
CVE-2023-23773

7.2HIGH

Key Information:

Vendor: Motorola
Status: Ebts/mbts Base Radio
Vendor: CVE Published:; 29 August 2023

What is CVE-2023-23773?

The Motorola MBTS Base Radio lacks essential cryptographic signature validation for firmware updates, creating a potential entry point for attackers. By exploiting this weakness, an authenticated attacker can execute arbitrary code, extract sensitive key materials, and even establish a persistent presence on the affected device. This vulnerability underscores the importance of robust firmware authenticity checks in maintaining the integrity of critical communication infrastructure.

Affected Version(s)

EBTS/MBTS Base Radio R05.x2.57

References

https://tetraburst.com/

CVSS V3.1

Score:

7.2

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 29, 2023
Vulnerability Reserved
Jan 17, 2023

Credit

Midnight Blue