CVE-2023-22441
Description
Missing authentication for critical function exists in Seiko Solutions SkyBridge series, which may allow a remote attacker to obtain or alter the setting information of the product or execute some critical functions without authentication, e.g., rebooting the product. Affected products and versions are as follows: SkyBridge MB-A200 firmware Ver. 01.00.05 and earlier, and SkyBridge BASIC MB-A130 firmware Ver. 1.4.1 and earlier
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Missing authentication in Seiko Solutions SkyBridge MB-A200 and MB-A130 allows remote attackers to obtain/alter settings or execute functions like reboot without authentication.
Vulnerability
Missing authentication for critical functions exists in Seiko Solutions SkyBridge series, specifically MB-A200 firmware Ver. 01.00.05 and earlier, and MB-A130 firmware Ver. 1.4.1 and earlier. This allows an unauthenticated remote attacker to interact with the device's management interfaces [1][3].
Exploitation
An attacker with network access to the device can send crafted requests to the vulnerable management functions without any authentication. No user interaction is required. The attacker can enumerate or modify settings, or trigger actions such as rebooting the device.
Impact
Successful exploitation leads to unauthorized access to configuration information (confidentiality), alteration of device settings (integrity), and disruption of service via reboot (availability). The attacker gains full control over the affected functions without needing any credentials.
Mitigation
Seiko Solutions has released firmware updates: MB-A130 firmware version 1.7.4 [1] and MB-A200 firmware version 01.03.01 [3]. However, the vendor does not explicitly state that these updates address this vulnerability. Users should apply the latest firmware and restrict network access to the device. No workaround is documented.
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
3- Range: <=1.4.1
- Range: <=01.00.05
- Seiko Solutions Inc./SkyBridge MB-A200 and SkyBridge BASIC MB-A130v5Range: SkyBridge MB-A200 firmware Ver. 01.00.05 and earlier, and SkyBridge BASIC MB-A130 firmware Ver. 1.4.1 and earlier
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
6- jvn.jp/en/jp/JVN40604023/mitre
- www.seiko-sol.co.jp/archives/73969/mitre
- www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a100/mitre
- www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a130/mitre
- www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a200/mitre
- www.seiko-sol.co.jp/products/skyspider/skyspider_download/mb-r210/mitre
News mentions
0No linked articles in our index yet.