Vulnerability Details : CVE-2022-27813
Motorola MTM5000 series firmwares lack properly configured memory protection of pages shared between the OMAP-L138 ARM and DSP cores. The SoC provides two memory protection units, MPU1 and MPU2, to enforce the trust boundary between the two cores. Since both units are left unconfigured by the firmwares, an adversary with control over either core can trivially gain code execution on the other, by overwriting code located in shared RAM or DDR2 memory regions.
Published
2023-10-19 10:15:10
Updated
2023-10-27 21:53:39
Products affected by CVE-2022-27813
- cpe:2.3:o:motorola:mtm5500_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:motorola:mtm5400_firmware:-:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2022-27813
0.04%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 6 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2022-27813
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
8.1
|
HIGH | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:H/A:H |
1.5
|
6.0
|
National Cyber Security Centre Netherlands (NCSC-NL) | |
8.2
|
HIGH | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H |
1.5
|
6.0
|
NIST |
References for CVE-2022-27813
-
https://tetraburst.com/
TETRA:BURST | Midnight BlueTechnical Description
Jump to