Vulnerability Description
The Motorola MOSCAD and ACE line of RTUs through 2022-05-02 omit an authentication requirement. They feature IP Gateway modules which allow for interfacing between Motorola Data Link Communication (MDLC) networks (potentially over a variety of serial, RF and/or Ethernet links) and TCP/IP networks. Communication with RTUs behind the gateway is done by means of the proprietary IPGW protocol (5001/TCP). This protocol does not have any authentication features, allowing any attacker capable of communicating with the port in question to invoke (a subset of) desired functionality.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Motorola | Moscad Ip Gateway Firmware | All versions |
| Motorola | Moscad Ip Gateway | - |
| Motorola | Ace Ip Gateway \(4600\) Firmware | All versions |
| Motorola | Ace Ip Gateway \(4600\) | - |
Related Weaknesses (CWE)
References
- https://www.cisa.gov/uscert/ics/advisories/icsa-22-179-04MitigationThird Party AdvisoryUS Government Resource
- https://www.forescout.com/blog/Third Party Advisory
- https://www.cisa.gov/uscert/ics/advisories/icsa-22-179-04MitigationThird Party AdvisoryUS Government Resource
- https://www.forescout.com/blog/Third Party Advisory
FAQ
What is CVE-2022-30276?
CVE-2022-30276 is a vulnerability with a CVSS score of 7.5 (HIGH). The Motorola MOSCAD and ACE line of RTUs through 2022-05-02 omit an authentication requirement. They feature IP Gateway modules which allow for interfacing between Motorola Data Link Communication (MD...
How severe is CVE-2022-30276?
CVE-2022-30276 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-30276?
Check the references section above for vendor advisories and patch information. Affected products include: Motorola Moscad Ip Gateway Firmware, Motorola Moscad Ip Gateway, Motorola Ace Ip Gateway \(4600\) Firmware, Motorola Ace Ip Gateway \(4600\).