This afternoon the DHS ICS-CERT published an alert for five publicly reported vulnerabilities in the Moxa NPort 6110, 5100 series, and 6000 series devices. The vulnerabilities were publicly reported [link updated 21:54 EST, 2-18-17] by Digital Bond Labs (not named in the alert) after the vendor failed to respond to the vulnerabilities in a timely manner during initial coordination.
The ICS-CERT alert lists the five vulnerabilities as:
• Unauthenticated retrievable sensitive account information;
• Unauthenticated remote firmware update;
• Buffer overflow;
• Cross-site scripting;
• Cross-site request forgery.
ICS-CERT reports that Moxa has acknowledged three of the five vulnerabilities and announces that Moxa will release a new firmware version in late August 2016 for the NPort 5100 and 6000 series devices that will address those three vulnerabilities. The NPort 6110 is a discontinued device and no updates are planned.
The Digital Bond Labs write-up contains some very specific
recommendations about mitigating the vulnerabilities.