Today the DHS ICS-CERT published a new control system security
advisory for the Moxa Industrial Ethernet Switch PT-7728 series. The advisory
describes an improper authorization vulnerability in the switch. The
vulnerability was reported by Can Demirel. Moxa has produced an update to
mitigate the vulnerability. Demirel has been provided an opportunity to verify
the efficacy of the fix.
ICS-CERT reports that crafting an exploit for this remotely
accessible vulnerability would require the use of a local proxy to interrupt
traffic and update switch configuration.
Posts
No comments:
Post a Comment