Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2022-27813

Motorola MTM5000 series firmwares lack properly configured memory protection of pages shared between the OMAP-L138 ARM and DSP cores. The SoC provides two memory protection units, MPU1 and MPU2, to enforce the trust boundary between the two cores. Since both units are left unconfigured by the firmwares, an adversary with control over either core can trivially gain code execution on the other, by overwriting code located in shared RAM or DDR2 memory regions.

Published

2023-10-19T10:15:10.013

Last Modified

2024-11-21T06:56:14.420

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 8.1 (HIGH)

Weaknesses

Type: Secondary
CWE-1260
Type: Primary
NVD-CWE-noinfo

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	motorola	mtm5500_firmware	-	Yes
Hardware	motorola	mtm5500	-	No
Operating System	motorola	mtm5400_firmware	-	Yes
Hardware	motorola	mtm5400	-	No

References

https://tetraburst.com/ Technical Description ([email protected])
https://tetraburst.com/ Technical Description (af854a3a-2127-422b-91ae-364da2661108)