CVE-2023-23770
First published: Tue Aug 29 2023(Updated: )
Motorola MBTS Site Controller accepts hard-coded backdoor password. The Motorola MBTS Site Controller Man Machine Interface (MMI), allowing for service technicians to diagnose and configure the device, accepts a hard-coded backdoor password that cannot be changed or disabled.
Credit: cert@ncsc.nl cert@ncsc.nl
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Motorola Mbts Site Controller Firmware | =r05.32.58 | |
| Motorola MBTS Site Controller |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2023-23770.
What is the severity of CVE-2023-23770?
The severity of CVE-2023-23770 is critical with a score of 9.8.
What is the affected software for CVE-2023-23770?
The affected software for CVE-2023-23770 is Motorola MBTS Site Controller firmware version r05.32.58.
What is the CWE ID for CVE-2023-23770?
The CWE ID for CVE-2023-23770 is CWE-798.
How can I mitigate CVE-2023-23770?
To mitigate CVE-2023-23770, it is recommended to contact the vendor for a firmware update that addresses the hard-coded backdoor password issue.
- collector/nvd-api
- collector/nvd-index
- agent/references
- agent/severity
- agent/weakness
- agent/author
- agent/type
- agent/event
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/motorola
- canonical/motorola mbts site controller firmware
- version/motorola mbts site controller firmware/r05.32.58
- canonical/motorola mbts site controller