CVE-2023-4929

NPort 5000 Series Firmware Improper Validation of Integrity Check Vulnerability

CVSS 6.5 MEDIUMEPSS 0.3%CWE-354

All firmware versions of the NPort 5000 Series are affected by an improper validation of integrity check vulnerability. This vulnerability results from insufficient checks on firmware updates or upgrades, potentially allowing malicious users to manipulate the firmware and gain control of devices.

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H

Productos afectados

Moxa · NPort 5000AI-M12 Series Moxa · NPort 5100A Series Moxa · NPort 5100 Series Moxa · NPort 5200A Series Moxa · NPort 5200 Series Moxa · NPort 5400 Series Moxa · NPort 5600-DT Series Moxa · NPort 5600 Series Moxa · NPort IA5000A-I/O Series Moxa · NPort IA5000A Series Moxa · NPort IA5000 Series Moxa · NPort IAW5000A-I/O Series Moxa · NPort P5150A Series

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://www.moxa.com/en/support/product-support/security-advisory/mpsa-233328-nport-5000-series-firmware-improper-validation-of-integrity-check-vulnerability