SB2021120106 - Multiple vulnerabilities in Moxa ioPAC 8500 and ioPAC 8600 Series (IEC Models) Controllers

Description

This security bulletin contains information about 4 secuirty vulnerabilities.

1) Path traversal (CVE-ID: CVE-2020-25176)

The vulnerability allows a remote user to perform directory traversal attacks.

The vulnerability exists due to input validation error when processing directory traversal sequences within the ISaGRAF eXchange Layer (IXL) protocol. A remote administrator can send a specially crafted HTTP request and read arbitrary files on the system.

2) Cleartext transmission of sensitive information (CVE-ID: CVE-2020-25178)

The vulnerability allows a remote attacker to compromise the target system.

The vulnerability exists due to software uses insecure communication channel to transmit sensitive information. A remote attacker can upload, read, and delete files.

3) Use of Hard-coded Cryptographic Key (CVE-ID: CVE-2020-25180)

The vulnerability allows a remote attacker to disclose sensitive information on the target system.

The vulnerability exists due to use of hard-coded cryptographic key issue. A remote attacker can pass their own encrypted password to the ISaGRAF 5 Runtime, and cause information disclosure on the device.

4) Cleartext storage of sensitive information (CVE-ID: CVE-2020-25184)

The vulnerability allows a local user to gain access to other users' credentials.

The vulnerability exists due to the ISaGRAF Runtime stored credentials in plain text in a configuration file on the system. A local user can view contents of the configuration file and gain access to passwords for 3rd party integration.

Remediation

Cybersecurity Help is not aware of any official remediation provided by the vendor.

References

• https://www.moxa.com/en/support/product-support/security-advisory/iopac-8500-and-iopac-8600-series-iec-models-controllers-vulnerabilities