We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2023-23770



AssignerNCSC-NL
Reserved2023-01-17
Published2023-08-29
Updated2024-10-02

Description

Motorola MBTS Site Controller accepts hard-coded backdoor password. The Motorola MBTS Site Controller Man Machine Interface (MMI), allowing for service technicians to diagnose and configure the device, accepts a hard-coded backdoor password that cannot be changed or disabled.



CRITICAL: 9.4CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H/E:H/RL:U/RC:C/CR:H/IR:H/AR:M/MAV:N/MAC:L/MPR:N/MUI:N/MS:U/MC:L/MI:H/MA:H

Problem types

Use of Hard-coded Password

Product status

Default status
unknown

R05.32.58
affected

Credits

Midnight Blue 0x4007a4b440

References

https://tetraburst.com/ (TETRA:BURST) related

cve.org CVE-2023-23770

nvd.nist.gov CVE-2023-23770

Download JSON

Share this page
https://cve.threatint.com
Subscribe to our newsletter to learn more about our work.