Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Motorola ACE1000 RTUs through 2022-05-02 mishandle application integrity. They allow for custom application installation via either STS software, the C toolkit, or the ACE1000 Easy Configurator. In the case of the Easy Configurator, application images (as PLX/DAT/APP/CRC files) are uploaded via the Web UI. In case of the C toolkit, they are transferred and installed using SFTP/SSH. In each case, application images were found to have no authentication (in the form of firmware signing) and only relied on insecure checksums for regular integrity checks.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Motorola Solutions ACE1000 数据伪造问题漏洞
Vulnerability Description
Motorola Solutions ACE1000是美国摩托罗拉解决方案(Motorola Solutions)公司的一个远程终端单元。 Motorola Solutions ACE1000 版本存在数据伪造问题漏洞,该漏洞源于允许通过 STS 软件、C 工具包或 ACE1000 Easy Configurator 安装自定义应用程序,攻击者利用该漏洞可以运行远程代码执行或导致拒绝服务。
CVSS Information
N/A
Vulnerability Type
N/A