Improper validation of integrity check value in Moxa Hardware solutions

#VU81458 Improper validation of integrity check value in Moxa Hardware solutions

Published: 2023-10-04

Vulnerability identifier: #VU81458

Vulnerability risk: Low

CVSSv3.1: 6 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H/E:U/RL:U/RC:C]

CVE-ID: CVE-2023-4929

CWE-ID: CWE-354

Exploitation vector: Network

Exploit availability: No

Vendor: Moxa

Description

The vulnerability allows a remote user to bypass integrity checks.

The vulnerability exists due to improper validation of integrity check. A remote authenticated administrator can manipulate the firmware and gain control of devices.

Mitigation
Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

Vulnerable software versions

NPort 5000AI-M12 Series: 1.5

NPort 5130: 3.10

NPort 5150: 3.10

NPort 5110: 2.10

NPort 5100A Series: 1.6

NPort 5200 Series: 2.12

NPort 5200A Series: 1.6

NPort 5410: 2.9 - 3.14

NPort 5430: 2.9 - 3.14

NPort 5450: 2.9 - 3.14

NPort 5600 Series: 3.11

NPort 5600-DT Series: 2.9

NPort IA5000 Series: 1.7 - 2.1

NPort IA5450A Series: 2.0

NPort IA5150A: 1.5

NPort IA5250A: 1.5

NPort IA5000A-I/O Series: 2.0

NPort IAW5000A-I/O Series: 2.2

NPort P5150A Series: 1.6

External links
http://www.moxa.com/en/support/product-support/security-advisory/mpsa-233328-nport-5000-series-firmware-improper-validation-of-integrity-check-vulnerability

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Improper validation of integrity check value in Moxa NPort 5000 Series