CVE-2022-27813— Unconfigured memory protection modules in Motorola MTM5000
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2022-27813
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Unconfigured memory protection modules in Motorola MTM5000
Source: NVD (National Vulnerability Database)
Vulnerability Description
Motorola MTM5000 series firmwares lack properly configured memory protection of pages shared between the OMAP-L138 ARM and DSP cores. The SoC provides two memory protection units, MPU1 and MPU2, to enforce the trust boundary between the two cores. Since both units are left unconfigured by the firmwares, an adversary with control over either core can trivially gain code execution on the other, by overwriting code located in shared RAM or DDR2 memory regions.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
CWE-1260
Source: NVD (National Vulnerability Database)
Vulnerability Title
Motorola MTM5000 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Motorola MTM5000是美国摩托罗拉(Motorola)公司的一种移动收音机。 Motorola MTM5000 存在安全漏洞,该漏洞源于缺乏对 OMAP-L138 ARM 和 DSP 内核之间共享页面的正确配置的内存保护,SoC 提供两个内存保护单元 MPU1 和 MPU2,以强制执行两个内核之间的信任边界,攻击者利用该漏洞可以控制其中一个核心,通过覆盖共享 RAM 或 DDR2 内存区域中的代码轻松获得另一个核心的代码执行权限。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Motorola | Mobile Radio | MTM5000 | - |
II. Public POCs for CVE-2022-27813
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2022-27813
请登录查看更多情报信息。
Same Patch Batch · Motorola · 2023-10-19 · 4 CVEs total
| CVE-2022-26941 | 9.6 CRITICAL | Format string vulnerability in AT+CTGL command in Motorola MTM5000 |
| CVE-2022-26943 | 8.8 HIGH | Weak PRNG entropy source used for authentication challenge generation in Motorola MTM5000 |
| CVE-2022-26942 | 8.2 HIGH | Multiple missing pointer validation checks in trusted execution module in Motorola MTM5000 |
IV. Related Vulnerabilities
Same weakness: CWE-1260
- CVE-2018-25240
Watchr 1.1.0.0 Denial of Service via Search - CVE-2018-25238
VSCO 1.1.1.0 Denial of Service via Search - CVE-2019-25602
GSearch 1.0.1.0 Denial of Service via Search Input - CVE-2019-25592
PHPRunner 10.1 Denial of Service via Dashboard Name Field - CVE-2019-25585
Deluge 1.3.15 Denial of Service via Webseeds Field
V. Comments for CVE-2022-27813
No comments yet