CVE-2018-12499
First published: Mon Jul 02 2018(Updated: )
The Motorola MBP853 firmware does not correctly validate server certificates. This allows for a Man in The Middle (MiTM) attack to take place between a Motorola MBP853 camera and the servers it communicates with. In one such instance, it was identified that the device was downloading what appeared to be a client certificate.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Motorola MBP853 firmware | ||
| Motorola MBP853 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2018-12499?
CVE-2018-12499 is a vulnerability in the Motorola MBP853 firmware that allows for a Man in The Middle (MiTM) attack to take place between the camera and the servers it communicates with.
How does CVE-2018-12499 work?
CVE-2018-12499 occurs because the Motorola MBP853 firmware does not correctly validate server certificates, allowing an attacker to intercept communications between the camera and the servers.
What is the severity of CVE-2018-12499?
CVE-2018-12499 has a severity rating of 7.4 (high).
How can I mitigate CVE-2018-12499?
To mitigate CVE-2018-12499, it is recommended to update the Motorola MBP853 firmware to a version that correctly validates server certificates.
Where can I find more information about CVE-2018-12499?
You can find more information about CVE-2018-12499 at this link: https://blog.sean-wright.com/cve-2018-12499/
- collector/nvd-index
- agent/weakness
- agent/references
- agent/author
- agent/severity
- agent/type
- agent/tags
- agent/event
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/motorola
- canonical/motorola mbp853 firmware
- canonical/motorola mbp853