VYPR
Unrated severityNVD Advisory· Published Jul 26, 2022· Updated Aug 3, 2024

CVE-2022-30276

CVE-2022-30276

Description

The Motorola MOSCAD and ACE line of RTUs through 2022-05-02 omit an authentication requirement. They feature IP Gateway modules which allow for interfacing between Motorola Data Link Communication (MDLC) networks (potentially over a variety of serial, RF and/or Ethernet links) and TCP/IP networks. Communication with RTUs behind the gateway is done by means of the proprietary IPGW protocol (5001/TCP). This protocol does not have any authentication features, allowing any attacker capable of communicating with the port in question to invoke (a subset of) desired functionality.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3
  • Motorola/MOSCAD and ACE line of RTUsdescription
  • Motorola/MOSCADllm-create
    Range: through 2022-05-02
  • VMware/Acellm-fuzzy
    Range: through 2022-05-02

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.