Thursday, October 20, 2016

ICS-CERT Publishes Moxa Advisory

Today the DHS ICS-CERT published a control system security advisory for a privilege escalation vulnerability in the Moxa EDR-810 Industrial Secure Router. The vulnerability was reported by Maxim Rupp. Moxa has produced a new firmware version to mitigate the vulnerability. There is no indication that Rupp has been provided an opportunity to verify the efficacy of the fix.

ICS-CERT reports that a relatively low skilled attacker could use publicly available information to remotely exploit this vulnerability to escalate privileges, initiate a denial-of-service condition, and execute arbitrary code.

No comments:

/* Use this with templates/template-twocol.html */