OpenCVE

Motorola EBTS/MBTS Site Controller drops to debug prompt on unhandled exception. The Motorola MBTS Site Controller exposes a debug prompt on the device's serial port in case of an unhandled exception. This allows an attacker with physical access that is able to trigger such an exception to extract secret key material and/or gain arbitrary code execution on the device.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact total

Vendors	Products
Motorola	Ebts Mbts Base Radio Ebts Site Controller Ebts Site Controller Firmware Mbts Site Controller Mbts Site Controller Firmware

Configuration 1 [-]

AND

cpe:2.3:o:motorola:ebts_site_controller_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:motorola:ebts_site_controller:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:motorola:mbts_site_controller_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:motorola:mbts_site_controller:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://tetraburst.com/

History

Thu, 03 Oct 2024 14:30:00 +0000

Type	Values Removed	Values Added
Weaknesses	CWE-703

Thu, 03 Oct 2024 14:00:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-248

Tue, 01 Oct 2024 21:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Motorola ebts Mbts Base Radio
CPEs		cpe:2.3:a:motorola:ebts_mbts_base_radio::::::::
Vendors & Products		Motorola ebts Mbts Base Radio
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: NCSC-NL

Published: 2023-08-29T08:49:32.508Z

Updated: 2024-10-03T13:52:17.494Z

Reserved: 2023-01-17T22:51:43.265Z

Link: CVE-2023-23774

Vulnrichment

Updated: 2024-08-02T10:42:25.878Z

NVD

Status : Modified

Published: 2023-08-29T09:15:09.403

Modified: 2024-10-03T14:15:04.650

Link: CVE-2023-23774

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-23774", "assignerOrgId": "cf4a7ff5-dd38-4ede-a530-ffaa7ea59c39", "state": "PUBLISHED", "assignerShortName": "NCSC-NL", "dateReserved": "2023-01-17T22:51:43.265Z", "datePublished": "2023-08-29T08:49:32.508Z", "dateUpdated": "2024-10-03T13:52:17.494Z"}, "containers": {"cna": {"affected": [{"vendor": "Motorola", "product": "EBTS/MBTS Base Radio", "versions": [{"version": "R05.x2.57", "status": "affected"}], "defaultStatus": "unknown"}], "descriptions": [{"lang": "en", "value": "Motorola EBTS/MBTS Site Controller drops to debug prompt on unhandled exception. The Motorola MBTS Site Controller exposes a debug prompt on the device's serial port in case of an unhandled exception. This allows an attacker with physical access that is able to trigger such an exception to extract secret key material and/or gain arbitrary code execution on the device."}], "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-248", "description": "An exception is thrown from a function, but it is not caught", "type": "CWE"}]}], "providerMetadata": {"orgId": "cf4a7ff5-dd38-4ede-a530-ffaa7ea59c39", "shortName": "NCSC-NL", "dateUpdated": "2024-10-03T13:52:17.494Z"}, "references": [{"name": "TETRA:BURST", "tags": ["related"], "url": "https://tetraburst.com/"}], "credits": [{"lang": "en", "value": "Midnight Blue", "type": "finder"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 8.4, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H/RL:U/RC:C/CR:H/IR:H/AR:M/MAV:L/MAC:L/MPR:N/MUI:N/MS:U/MC:H/MI:H/MA:H"}}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T10:42:25.878Z"}, "title": "CVE Program Container", "references": [{"name": "TETRA:BURST", "tags": ["related", "x_transferred"], "url": "https://tetraburst.com/"}]}, {"affected": [{"vendor": "motorola", "product": "ebts_mbts_base_radio", "cpes": ["cpe:2.3:a:motorola:ebts_mbts_base_radio:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "r05.x2.57", "status": "affected"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-10-01T20:36:25.719546Z", "id": "CVE-2023-23774", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-01T20:38:30.486Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://tetraburst.com/", "name": "TETRA:BURST", "tags": ["related", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T10:42:25.878Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-23774", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-10-01T20:36:25.719546Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:motorola:ebts_mbts_base_radio:*:*:*:*:*:*:*:*"], "vendor": "motorola", "product": "ebts_mbts_base_radio", "versions": [{"status": "affected", "version": "r05.x2.57"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-01T20:38:26.348Z"}}], "cna": {"credits": [{"lang": "en", "type": "finder", "value": "Midnight Blue"}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.4, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H/RL:U/RC:C/CR:H/IR:H/AR:M/MAV:L/MAC:L/MPR:N/MUI:N/MS:U/MC:H/MI:H/MA:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Motorola", "product": "EBTS/MBTS Base Radio", "versions": [{"status": "affected", "version": "R05.x2.57"}], "defaultStatus": "unknown"}], "references": [{"url": "https://tetraburst.com/", "name": "TETRA:BURST", "tags": ["related"]}], "descriptions": [{"lang": "en", "value": "Motorola EBTS/MBTS Site Controller drops to debug prompt on unhandled exception. The Motorola MBTS Site Controller exposes a debug prompt on the device's serial port in case of an unhandled exception. This allows an attacker with physical access that is able to trigger such an exception to extract secret key material and/or gain arbitrary code execution on the device."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-248", "description": "An exception is thrown from a function, but it is not caught"}]}], "providerMetadata": {"orgId": "cf4a7ff5-dd38-4ede-a530-ffaa7ea59c39", "shortName": "NCSC-NL", "dateUpdated": "2024-10-03T13:52:17.494Z"}}}, "cveMetadata": {"cveId": "CVE-2023-23774", "state": "PUBLISHED", "dateUpdated": "2024-10-03T13:52:17.494Z", "dateReserved": "2023-01-17T22:51:43.265Z", "assignerOrgId": "cf4a7ff5-dd38-4ede-a530-ffaa7ea59c39", "datePublished": "2023-08-29T08:49:32.508Z", "assignerShortName": "NCSC-NL"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:motorola:ebts_site_controller_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "397B1B92-C023-4825-8122-05131B702740", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:motorola:ebts_site_controller:-:*:*:*:*:*:*:*", "matchCriteriaId": "B19E4B16-8762-44BF-A597-D77621686A2E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:motorola:mbts_site_controller_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "678A4DEF-0D43-43CA-B541-F7BEAAEEAA28", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:motorola:mbts_site_controller:-:*:*:*:*:*:*:*", "matchCriteriaId": "044E6275-5F1D-496C-839F-909926D337B8", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Motorola EBTS/MBTS Site Controller drops to debug prompt on unhandled exception. The Motorola MBTS Site Controller exposes a debug prompt on the device's serial port in case of an unhandled exception. This allows an attacker with physical access that is able to trigger such an exception to extract secret key material and/or gain arbitrary code execution on the device."}, {"lang": "es", "value": "El controlador de sitio EBTS/MBTS de Motorola muestra un mensaje de depuraci\u00f3n en caso de una excepci\u00f3n no controlada. El controlador de sitio MBTS de Motorola expone un mensaje de depuraci\u00f3n en el puerto serie del dispositivo en caso de una excepci\u00f3n no controlada. Esto permite que un atacante con acceso f\u00edsico que pueda desencadenar dicha excepci\u00f3n extraiga material de clave secreta y/o obtenga la ejecuci\u00f3n de c\u00f3digo arbitrario en el dispositivo."}], "id": "CVE-2023-23774", "lastModified": "2024-10-03T14:15:04.650", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.5, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.5, "impactScore": 5.9, "source": "cert@ncsc.nl", "type": "Secondary"}]}, "published": "2023-08-29T09:15:09.403", "references": [{"source": "cert@ncsc.nl", "tags": ["Not Applicable"], "url": "https://tetraburst.com/"}], "sourceIdentifier": "cert@ncsc.nl", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-755"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-248"}], "source": "cert@ncsc.nl", "type": "Secondary"}]}