Motorola MM1000 MoCA Adapter Privilege Escalation Vulnerabilities

Potential Impact: Privilege escalation
Severity: Medium
Scope of Impact: Motorola specific
CVE Identifier: CVE-2021-3458, CVE-2021-3459
 
Summary Description:
The following privilege escalation vulnerabilities were reported in the Motorola MM1000 MoCA adapter.
 
CVE-2021-3458: The MM1000 device configuration portal can be accessed without authentication, which could allow adapter settings to be modified.
CVE-2021-3459: A privilege escalation vulnerability was reported in the MM1000 device configuration web server, which could allow privileged shell access and/or arbitrary privileged commands to be executed on the adapter.
 
Mitigation Strategy for Customers (what you should do to protect yourself):
Until updated firmware is available, the following steps can be followed as an interim workaround.
Note: these steps will disable Web GUI access and secure your MM1000
  1. Enable MoCA security by following the steps at https://motorolacable.com/mocasecurity/
  2. Prior to disconnecting your computer from the MM1000, type the following command in your web browser to disable web GUI access: http://192.168.0.2/cmd.sh?http-disable
  3. Confirm that Web GUI access is disabled by attempting to navigate to http://192.168.0.2/
  4. Perform the steps above for all MM1000 MoCA adapters on your network
  5. If you need to regain Web GUI access, reset the MM1000 to factory defaults by pressing and holding the reset button for 3 seconds; once you are done using the Web GUI, repeat the steps above to secure your MM1000.
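Steps 2 and 3 of the workaround can be applied and checked from a shell instead of a browser. The script below is an added example, not Motorola's own tooling: it sends the advisory's http-disable command to one directly connected adapter and then confirms the portal root no longer answers. It assumes the adapter is reachable at the default address 192.168.0.2 (overridable via the ADAPTER environment variable) and that curl is installed; the state-classification rules are the example's own.

```shell
#!/bin/sh
# Added example (not Motorola's own tooling): applies the advisory's interim
# workaround to one directly connected MM1000 and verifies the web GUI is off.
# Assumes the adapter answers at its default address 192.168.0.2 and that curl
# is installed; ADAPTER can be overridden in the environment.
ADAPTER="${ADAPTER:-192.168.0.2}"

# Step 2 of the advisory: ask the adapter to disable its web GUI.
disable_web_gui() {
    curl -s -m 10 -o /dev/null "http://$ADAPTER/cmd.sh?http-disable"
}

# Map a curl exit code plus HTTP status to the state a defender wants to know.
# curl exit 7 = connection refused, 28 = timeout, 56 = connection reset:
# the GUI is no longer reachable. A 2xx/3xx answer on "/" means the portal
# is still being served. Anything else is reported as unknown (assumption:
# these are the only outcomes worth distinguishing for this check).
classify_gui_state() {
    curl_exit="$1"
    http_code="$2"
    case "$curl_exit" in
        7|28|56) echo "disabled"; return 0 ;;
        0)
            case "$http_code" in
                2*|3*) echo "enabled"; return 1 ;;
                *) echo "unknown"; return 2 ;;
            esac ;;
        *) echo "unknown"; return 2 ;;
    esac
}

# Step 3 of the advisory: request the portal root and classify the outcome.
# curl prints "000" as the HTTP code when no connection could be made.
verify_gui_disabled() {
    http_code=$(curl -s -m 10 -o /dev/null -w '%{http_code}' "http://$ADAPTER/")
    curl_exit=$?
    classify_gui_state "$curl_exit" "$http_code"
}

main() {
    disable_web_gui
    state=$(verify_gui_disabled)
    echo "MM1000 at $ADAPTER: web GUI $state"
}

# Run only when executed under this file name, so the functions can be
# sourced and reused without touching the network.
case "${0##*/}" in
    mm1000_disable_gui.sh) main ;;
esac
```

Save it as mm1000_disable_gui.sh and run it while the computer is still connected to the adapter; a result of "enabled" means the disable request did not take effect and the steps should be repeated before moving on to the next adapter.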
Acknowledgement:
Motorola thanks Anthony V. DeRosa for reporting these issues.
 
References:
https://motorolacable.com/mocasecurity/
 
Revision History:
Revision | Date       | Description
1        | 2021-04-13 | Initial Release