1. Home
  2. CVE Database
  3. CVE-2022-27813
HIGH · 8.1

CVE-2022-27813

Motorola MTM5000 series firmwares lack properly configured memory protection of pages shared between the OMAP-L138 ARM and DSP cores. The SoC provides two memory protection units, MPU1 and MPU2, to en...

Vulnerability Description

Motorola MTM5000 series firmwares lack properly configured memory protection of pages shared between the OMAP-L138 ARM and DSP cores. The SoC provides two memory protection units, MPU1 and MPU2, to enforce the trust boundary between the two cores. Since both units are left unconfigured by the firmwares, an adversary with control over either core can trivially gain code execution on the other, by overwriting code located in shared RAM or DDR2 memory regions.

CVSS Score

8.1

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:H/A:H
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality
LOW
Integrity
HIGH
Availability
HIGH

Affected Products

VendorProductVersions
MotorolaMtm5500 Firmware-
MotorolaMtm5500-
MotorolaMtm5400 Firmware-
MotorolaMtm5400-

Related Weaknesses (CWE)

CWE-1260

References

FAQ

What is CVE-2022-27813?

CVE-2022-27813 is a vulnerability with a CVSS score of 8.1 (HIGH). Motorola MTM5000 series firmwares lack properly configured memory protection of pages shared between the OMAP-L138 ARM and DSP cores. The SoC provides two memory protection units, MPU1 and MPU2, to en...

How severe is CVE-2022-27813?

CVE-2022-27813 has been rated HIGH with a CVSS base score of 8.1/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2022-27813?

Check the references section above for vendor advisories and patch information. Affected products include: Motorola Mtm5500 Firmware, Motorola Mtm5500, Motorola Mtm5400 Firmware, Motorola Mtm5400.