Overview
- Description
- The Motorola MOSCAD and ACE line of RTUs through 2022-05-02 omit an authentication requirement. They feature IP Gateway modules which allow for interfacing between Motorola Data Link Communication (MDLC) networks (potentially over a variety of serial, RF and/or Ethernet links) and TCP/IP networks. Communication with RTUs behind the gateway is done by means of the proprietary IPGW protocol (5001/TCP). This protocol does not have any authentication features, allowing any attacker capable of communicating with the port in question to invoke (a subset of) desired functionality.
- Source
- cve@mitre.org
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 7.5
- Impact score
- 3.6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
- Severity
- HIGH
Weaknesses
- nvd@nist.gov
- CWE-306
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:motorola:moscad_ip_gateway_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "79643AEA-9B7F-4754-9F92-A18087BC23A9"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:motorola:moscad_ip_gateway:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "2F6DB9D2-850C-4C18-866C-7B6FDDB102D0"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:motorola:ace_ip_gateway_\\(4600\\)_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1CB0DE72-62FB-4E23-85F6-68AF8D0A0DDA"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:motorola:ace_ip_gateway_\\(4600\\):-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "64ACF2EF-2AA2-4B33-A514-101A64CFEC8B"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]