Multiple vulnerabilities in Moxa PT-7528 and PT-7828 Series Ethernet Switches
| Risk | High |
| Patch available | NO |
| Number of vulnerabilities | 6 |
| CVE-ID | CVE-2020-6989 CVE-2020-6987 CVE-2020-6983 CVE-2020-6985 CVE-2020-6995 CVE-2020-6993 |
| CWE-ID | CWE-121 CWE-327 CWE-321 CWE-798 CWE-521 CWE-200 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
PT-7528 Series Hardware solutions / Routers & switches, VoIP, GSM, etc PT-7828 Series Hardware solutions / Routers & switches, VoIP, GSM, etc |
| Vendor | Moxa |
Security Bulletin
This security bulletin contains information about 6 vulnerabilities.
1) Stack-based buffer overflow
EUVDB-ID: #VU25608
Risk: High
CVSSv3.1: 9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2020-6989
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the web server. A remote unauthenticated attacker can trigger stack-based buffer overflow and execute arbitrary code or cause a denial of service (DoS) condition on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsPT-7528 Series: 4.0
PT-7828 Series: 3.9
External linkshttp://ics-cert.us-cert.gov/advisories/icsa-20-056-03
http://www.moxa.com/en/support/support/security-advisory/pt-7528-7828-ethernet-switches-vulnerabilities
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Use of a broken or risky cryptographic algorithm
EUVDB-ID: #VU25609
Risk: Medium
CVSSv3.1: 6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:U/RC:C]
CVE-ID: CVE-2020-6987
CWE-ID:
CWE-327 - Use of a Broken or Risky Cryptographic Algorithm
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to the affected products use a weak cryptographic algorithm. A remote attacker can gain unauthorized access to sensitive information on the system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsPT-7528 Series: 4.0
PT-7828 Series: 3.9
External linkshttp://ics-cert.us-cert.gov/advisories/icsa-20-056-03
http://www.moxa.com/en/support/support/security-advisory/pt-7528-7828-ethernet-switches-vulnerabilities
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Use of Hard-coded Cryptographic Key
EUVDB-ID: #VU25610
Risk: Medium
CVSSv3.1: 4.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:U/RC:C]
CVE-ID: CVE-2020-6983
CWE-ID:
CWE-321 - Use of Hard-coded Cryptographic Key
Exploit availability: No
DescriptionCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsPT-7528 Series: 4.0
PT-7828 Series: 3.9
External linkshttp://ics-cert.us-cert.gov/advisories/icsa-20-056-03
http://www.moxa.com/en/support/support/security-advisory/pt-7528-7828-ethernet-switches-vulnerabilities
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Use of hard-coded credentials
EUVDB-ID: #VU25611
Risk: High
CVSSv3.1: 9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2020-6985
CWE-ID:
CWE-798 - Use of Hard-coded Credentials
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain full access to vulnerable system.
The vulnerability exists due to presence of hard-coded credentials in application code. A remote unauthenticated attacker can access the affected system using the hard-coded credentials for access to the console.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsPT-7528 Series: 4.0
PT-7828 Series: 3.9
External linkshttp://ics-cert.us-cert.gov/advisories/icsa-20-056-03
http://www.moxa.com/en/support/support/security-advisory/pt-7528-7828-ethernet-switches-vulnerabilities
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Weak password requirements
EUVDB-ID: #VU25612
Risk: Medium
CVSSv3.1: 6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:U/RC:C]
CVE-ID: CVE-2020-6995
CWE-ID:
CWE-521 - Weak Password Requirements
Exploit availability: No
DescriptionThe vulnerability allows an attacker to perform brute-force attack and guess the password.
The vulnerability exists due to weak password requirements. An attacker can perform a brute-force attack and guess users' passwords.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsPT-7528 Series: 4.0
PT-7828 Series: 3.9
External linkshttp://ics-cert.us-cert.gov/advisories/icsa-20-056-03
http://www.moxa.com/en/support/support/security-advisory/pt-7528-7828-ethernet-switches-vulnerabilities
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Information disclosure
EUVDB-ID: #VU25613
Risk: Medium
CVSSv3.1: 4.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:U/RC:C]
CVE-ID: CVE-2020-6993
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to improper access restrictions in the web service. A remote attacker can gain unauthorized access to sensitive information on the system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsPT-7528 Series: 4.0
PT-7828 Series: 3.9
External linkshttp://ics-cert.us-cert.gov/advisories/icsa-20-056-03
http://www.moxa.com/en/support/support/security-advisory/pt-7528-7828-ethernet-switches-vulnerabilities
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
