CVE-2023-25070
Description
Cleartext transmission of sensitive information exists in SkyBridge MB-A100/110 firmware Ver. 4.2.0 and earlier. If the telnet connection is enabled, a remote unauthenticated attacker may eavesdrop on or alter the administrator's communication to the product.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
SkyBridge MB-A100/110 firmware up to 4.2.0 transmits sensitive data in cleartext over telnet, allowing remote unauthenticated attackers to eavesdrop or alter communications.
Vulnerability
In SkyBridge MB-A100/110 firmware version 4.2.0 and earlier, the telnet connection transmits sensitive information in cleartext. This vulnerability allows an attacker to intercept administrator communications if telnet is enabled. The affected models are MB-A100 and MB-A110 [2].
Exploitation
An unauthenticated remote attacker can exploit this vulnerability by eavesdropping on the telnet session to capture sensitive data such as credentials. The attacker does not require any special privileges; they only need network access to the device with telnet enabled. The attack can also be used to alter communications by performing man-in-the-middle attacks [2].
Impact
Successful exploitation leads to disclosure of sensitive information, including administrative credentials, and may allow the attacker to tamper with the device configuration or network traffic. This compromises confidentiality and integrity of the device and its communications [2].
Mitigation
As of the publication date (2023-05-10), no patched firmware version is listed in the available references. Users should disable telnet if not required, or restrict network access to trusted hosts. Contact the vendor Seiko Solutions for updated firmware that addresses this issue [2].
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- Range: <=4.2.0
- Seiko Solutions Inc./SkyBridge MB-A100/110v5Range: firmware Ver. 4.2.0 and earlier
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
6- jvn.jp/en/jp/JVN40604023/mitre
- www.seiko-sol.co.jp/archives/73969/mitre
- www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a100/mitre
- www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a130/mitre
- www.seiko-sol.co.jp/products/skybridge/skybridge_download/mb-a200/mitre
- www.seiko-sol.co.jp/products/skyspider/skyspider_download/mb-r210/mitre
News mentions
0No linked articles in our index yet.