Unrated severityNVD Advisory· Published Jul 26, 2022· Updated Aug 3, 2024
CVE-2022-30276
CVE-2022-30276
Description
The Motorola MOSCAD and ACE line of RTUs through 2022-05-02 omit an authentication requirement. They feature IP Gateway modules which allow for interfacing between Motorola Data Link Communication (MDLC) networks (potentially over a variety of serial, RF and/or Ethernet links) and TCP/IP networks. Communication with RTUs behind the gateway is done by means of the proprietary IPGW protocol (5001/TCP). This protocol does not have any authentication features, allowing any attacker capable of communicating with the port in question to invoke (a subset of) desired functionality.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- Motorola/MOSCAD and ACE line of RTUsdescription
Patches
Vulnerability mechanics
References
2- www.cisa.gov/uscert/ics/advisories/icsa-22-179-04mitrex_refsource_MISC
- www.forescout.com/blog/mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.