Vulnerability Description
The Motorola ACE1000 RTU through 2022-05-02 has default credentials. It exposes an SSH interface on port 22/TCP. This interface is used for remote maintenance and for SFTP file-transfer operations that are part of engineering software functionality. Access to this interface is controlled by 5 preconfigured accounts (root, abuilder, acelogin, cappl, ace), all of which come with default credentials. Although the ACE1000 documentation mentions the root, abuilder and acelogin accounts and instructs users to change the default credentials, the cappl and ace accounts remain undocumented and thus are unlikely to have their credentials changed.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Motorola | Ace1000 Firmware | - |
| Motorola | Ace1000 | - |
Related Weaknesses (CWE)
References
- https://www.cisa.gov/uscert/ics/advisories/icsa-22-179-06MitigationThird Party AdvisoryUS Government Resource
- https://www.forescout.com/blog/Not Applicable
- https://www.cisa.gov/uscert/ics/advisories/icsa-22-179-06MitigationThird Party AdvisoryUS Government Resource
- https://www.forescout.com/blog/Not Applicable
FAQ
What is CVE-2022-30270?
CVE-2022-30270 is a vulnerability with a CVSS score of 9.8 (CRITICAL). The Motorola ACE1000 RTU through 2022-05-02 has default credentials. It exposes an SSH interface on port 22/TCP. This interface is used for remote maintenance and for SFTP file-transfer operations tha...
How severe is CVE-2022-30270?
CVE-2022-30270 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2022-30270?
Check the references section above for vendor advisories and patch information. Affected products include: Motorola Ace1000 Firmware, Motorola Ace1000.