Vulnerability Details : CVE-2023-23774
Motorola EBTS/MBTS Site Controller drops to debug prompt on unhandled exception. The Motorola MBTS Site Controller exposes a debug prompt on the device's serial port in case of an unhandled exception. This allows an attacker with physical access that is able to trigger such an exception to extract secret key material and/or gain arbitrary code execution on the device.
Published
2023-08-29 09:15:09
Updated
2024-10-03 14:15:05
Products affected by CVE-2023-23774
- cpe:2.3:o:motorola:mbts_site_controller_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:motorola:ebts_site_controller_firmware:-:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2023-23774
0.06%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 21 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2023-23774
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
8.4
|
HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
2.5
|
5.9
|
National Cyber Security Centre Netherlands (NCSC-NL) | |
8.4
|
HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
2.5
|
5.9
|
NIST |
CWE ids for CVE-2023-23774
-
An exception is thrown from a function, but it is not caught.Assigned by: cert@ncsc.nl (Secondary)
-
The product does not handle or incorrectly handles an exceptional condition.Assigned by: nvd@nist.gov (Primary)
References for CVE-2023-23774
-
https://tetraburst.com/
TETRA:BURST | Midnight BlueNot Applicable
Jump to