What is the severity of CVE-2022-30273?

CVE-2022-30273 is considered a moderate severity vulnerability due to its impact on message integrity.

How do I fix CVE-2022-30273?

To fix CVE-2022-30273, update the Motorola MDLC software to versions beyond 4.83.001.

What are the affected versions for CVE-2022-30273?

CVE-2022-30273 affects Motorola MDLC versions 4.80.0024, 4.82.004, and 4.83.001.

What type of vulnerability is CVE-2022-30273?

CVE-2022-30273 is a vulnerability related to improper handling of message integrity in the Motorola MDLC protocol.

Does CVE-2022-30273 affect Legacy Encryption mode?

Yes, CVE-2022-30273 primarily impacts the Legacy Encryption mode using the Tiny Encryption Algorithm in ECB mode.

Vulnerability/
CVE-2022-30273

critical

9.8

CWE

327 345

26/7/2022

3/8/2024

CVE-2022-30273

First published: Tue Jul 26 2022(Updated: )

The Motorola MDLC protocol through 2022-05-02 mishandles message integrity. It supports three security modes: Plain, Legacy Encryption, and New Encryption. In Legacy Encryption mode, traffic is encrypted via the Tiny Encryption Algorithm (TEA) block-cipher in ECB mode. This mode of operation does not offer message integrity and offers reduced confidentiality above the block level, as demonstrated by an ECB Penguin attack against any block ciphers.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Motorola Solutions MDLC
Motorola Solutions MDLC	=4.80.0024
Motorola Solutions MDLC	=4.82.004
Motorola Solutions MDLC	=4.83.001

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

ICSA-22-179-05

Frequently Asked Questions

What is the severity of CVE-2022-30273?
CVE-2022-30273 is considered a moderate severity vulnerability due to its impact on message integrity.
How do I fix CVE-2022-30273?
To fix CVE-2022-30273, update the Motorola MDLC software to versions beyond 4.83.001.
What are the affected versions for CVE-2022-30273?
CVE-2022-30273 affects Motorola MDLC versions 4.80.0024, 4.82.004, and 4.83.001.
What type of vulnerability is CVE-2022-30273?
CVE-2022-30273 is a vulnerability related to improper handling of message integrity in the Motorola MDLC protocol.
Does CVE-2022-30273 affect Legacy Encryption mode?
Yes, CVE-2022-30273 primarily impacts the Legacy Encryption mode using the Tiny Encryption Algorithm in ECB mode.

agent/weakness
agent/author
agent/type
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/first-publish-date
agent/event
agent/severity
agent/references
agent/softwarecombine
agent/trending
agent/source
agent/tags
collector/ics-cert-advisory
source/ICS
agent/software-canonical-lookup
agent/software-canonical-lookup-request
collector/nvd-index
collector/nvd-api
source/NVD
vendor/motorola solutions
canonical/motorola solutions mdlc
vendor/motorolasolutions
version/motorola solutions mdlc/4.80.0024
version/motorola solutions mdlc/4.82.004
version/motorola solutions mdlc/4.83.001

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.