Today the DHS ICS-CERT published a control system security
advisory for a privilege escalation vulnerability in the Moxa EDR-810
Industrial Secure Router. The vulnerability was reported by Maxim Rupp. Moxa
has produced a new firmware version to mitigate the vulnerability. There is no
indication that Rupp has been provided an opportunity to verify the efficacy of
the fix.
ICS-CERT reports that a relatively low skilled attacker
could use publicly available information to remotely exploit this vulnerability
to escalate privileges, initiate a denial-of-service condition, and execute
arbitrary code.
Posts
No comments:
Post a Comment