By Eduard Kovacs on December 02, 2016 Security researchers have discovered a total of eight vulnerabilities in NPort serial device servers produced by Taiwan-based industrial automation solutions provider Moxa, ICS-CERT reported on Thursday.
The flaws discovered by Reid Wightman, Mikael Vingaard and Maxim Rupp affect more than a dozen NPort models.
Three of the security holes have a CVSS score of 9.8, which puts them in the critical severity category. They can be exploited to retrieve an administrator password without authentication, update the device’s firmware over the network without authentication and potentially achieve code execution, and use brute force to bypass authentication. Full Article
Eight Vulnerabilities Found in Moxa NPort Devices
Userlevel 7
+54
Be the first to reply!
Reply
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.