Friday, April 8, 2016

ICS-CERT Publishes Moxa Alert

This afternoon the DHS ICS-CERT published an alert for five publicly reported vulnerabilities in the Moxa NPort 6110, 5100 series, and 6000 series devices. The vulnerabilities were publicly reported [link updated 21:54 EST, 2-18-17] by Digital Bond Labs (not named in the alert) after initial coordination with the vendor failed to produce a timely response to the vulnerabilities.

The ICS-CERT alert lists the five vulnerabilities as:

• Unauthenticated retrievable sensitive account information;
• Unauthenticated remote firmware update;
• Buffer overflow;
• Cross-site scripting;
• Cross-site request forgery.

ICS-CERT reports that Moxa has acknowledged three of the five vulnerabilities and announces that Moxa will release a new firmware version in late August 2016 for the NPort 5100 and 6000 series devices that will address those three vulnerabilities. The NPort 6110 is a discontinued device and no updates are planned.

The Digital Bond Labs write-up contains some very specific recommendations about mitigating the vulnerabilities.
