The Motorola MBP853 firmware does not correctly validate server certificates. This allows for a Man in The Middle (MiTM) attack to take place between a Motorola MBP853 camera and the servers it communicates with. In one such instance, it was identified that the device was downloading what appeared to be a client certificate.
References
Link | Resource |
---|---|
https://blog.sean-wright.com/cve-2018-12499/ | Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Information
Published : 2018-07-02 09:29
Updated : 2018-09-07 09:33
NVD link : CVE-2018-12499
Mitre link : CVE-2018-12499
JSON object : View
CWE
CWE-295
Improper Certificate Validation
Products Affected
motorola
- mbp853
- mbp853_firmware