cvedb.io
CVE-2022-30275
HIGH · CVSS 7.5
EPSS exploitation probability: 0%
Published 2022-07-26T22:15:11.273 · Last modified 2026-06-17T04:43:23.680

Summary

The Motorola MOSCAD Toolbox software through 2022-05-02 relies on a cleartext password. It utilizes an MDLC driver to communicate with MOSCAD/ACE RTUs for engineering purposes. Access to these communications is protected by a password stored in cleartext in the wmdlcdrv.ini driver configuration file. In addition, this password is used for access control to MOSCAD/STS projects protected with the Legacy Password feature. In this case, an insecure CRC of the password is present in the project file: this CRC is validated against the password in the driver configuration file.

Affected products

motorolasolutions — mdlc

Does this affect you?

Add your gear to cvedb and we'll alert you only when motorolasolutions ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.