This afternoon the DHS ICS-CERT published an advisory
for control system vulnerabilities in the Moxa MiiNePort serial device server
module series. The multiple vulnerabilities were reported by Karn
Ganeshen earlier this month on the Full Disclosure mail list. Moxa will
reported produce a beta version of a firmware patch in late May 2016.
The reported vulnerabilities include:
• Cleartext storage of sensitive
information - CVE-2016-2295;
• Cross-site request forgery - CVE-2016-2285;
and
• Weak credential management - CVE-2016-2286
ICS-CERT reports that a relatively unskilled attacker could
remotely exploit the vulnerabilities to silently unauthorized actions on the
device such as password change, configuration parameter changes, saving
modified configuration, and device reboot.
ICS-CERT is reporting that Moxa recommends disabling Ports
TCP/80 (HTTP) and TCP/23 (TELNET). The other two affected ports {UDP/161
(SNMP), UDP/4800 (utility), and TCP/4900 (utility)} are needed for remote
operation and should be protected.
Posts
No comments:
Post a Comment