What is CVE-2023-23774?

CVE-2023-23774 is a vulnerability in the Motorola EBTS/MBTS Site Controller firmware that allows an attacker with physical access to trigger an unhandled exception, causing the device to drop to a debug prompt.

How does CVE-2023-23774 affect Motorola EBTS/MBTS Site Controller?

CVE-2023-23774 affects the Motorola EBTS/MBTS Site Controller by exposing a debug prompt on the device's serial port when an unhandled exception occurs.

What is the severity of CVE-2023-23774?

CVE-2023-23774 has a severity rating of 8.4, which is considered high.

How can an attacker exploit CVE-2023-23774?

To exploit CVE-2023-23774, an attacker needs physical access to the device and the ability to trigger an unhandled exception.

Is the Motorola EBTS Site Controller or MBTS Site Controller vulnerable?

The Motorola EBTS Site Controller and MBTS Site Controller are not vulnerable to CVE-2023-23774.

Vulnerability/
CVE-2023-23774

high

8.4

CWE

755 248

29/8/2023

3/10/2024

CVE-2023-23774

First published: Tue Aug 29 2023(Updated: )

Motorola EBTS/MBTS Site Controller drops to debug prompt on unhandled exception. The Motorola MBTS Site Controller exposes a debug prompt on the device's serial port in case of an unhandled exception. This allows an attacker with physical access that is able to trigger such an exception to extract secret key material and/or gain arbitrary code execution on the device.

Credit: cert@ncsc.nl cert@ncsc.nl

Affected Software	Affected Version	How to fix
Motorola Ebts Site Controller Firmware
Motorola Ebts Site Controller
Motorola Mbts Site Controller Firmware
Motorola MBTS Site Controller
All of
Motorola Ebts Site Controller Firmware
Motorola Ebts Site Controller
All of
Motorola Mbts Site Controller Firmware
Motorola MBTS Site Controller

Never miss a vulnerability like this again

Reference Links

https://tetraburst.com/

Frequently Asked Questions

What is CVE-2023-23774?
CVE-2023-23774 is a vulnerability in the Motorola EBTS/MBTS Site Controller firmware that allows an attacker with physical access to trigger an unhandled exception, causing the device to drop to a debug prompt.
How does CVE-2023-23774 affect Motorola EBTS/MBTS Site Controller?
CVE-2023-23774 affects the Motorola EBTS/MBTS Site Controller by exposing a debug prompt on the device's serial port when an unhandled exception occurs.
What is the severity of CVE-2023-23774?
CVE-2023-23774 has a severity rating of 8.4, which is considered high.
How can an attacker exploit CVE-2023-23774?
To exploit CVE-2023-23774, an attacker needs physical access to the device and the ability to trigger an unhandled exception.
Is the Motorola EBTS Site Controller or MBTS Site Controller vulnerable?
The Motorola EBTS Site Controller and MBTS Site Controller are not vulnerable to CVE-2023-23774.

collector/nvd-index
agent/author
agent/type
agent/softwarecombine
agent/references
agent/weakness
agent/severity
agent/first-publish-date
agent/description
agent/event
agent/tags
collector/mitre-cve
source/MITRE
agent/last-modified-date
collector/nvd-api
source/NVD
agent/software-canonical-lookup
vendor/motorola
canonical/motorola ebts site controller firmware
canonical/motorola ebts site controller
canonical/motorola mbts site controller firmware
canonical/motorola mbts site controller

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.