Eight Vulnerabilities Found in Moxa NPort Devices

Security researchers have discovered a total of eight vulnerabilities in NPort serial device servers produced by Taiwan-based industrial automation solutions provider Moxa, ICS-CERT reported on Thursday.

The flaws discovered by Reid Wightman, Mikael Vingaard and Maxim Rupp affect more than a dozen NPort models.

Three of the security holes have a CVSS score of 9.8, which puts them in the critical severity category. They can be exploited to retrieve an administrator password without authentication, update the device’s firmware over the network without authentication and potentially achieve code execution, and use brute force to bypass authentication.

The high-severity vulnerabilities can be exploited to remotely execute arbitrary code, launch cross-site request forgery (CSRF) attacks, and cause a denial-of-service (DoS) condition. The remaining flaws are medium-severity cross-site scripting (XSS) and plaintext password storage issues.

Moxa has released firmware updates for most of the affected NPort devices, except for one model that was discontinued in 2008. The company has advised customers to install the updates.

Vulnerabilities in Siemens, Mitsubishi Electric and Advantech Products

ICS-CERT also published three other advisories describing vulnerabilities affecting products from Siemens, Mitsubishi Electric and Advantech.

Researchers from Russia-based security companies Positive Technologies and Kaspersky Lab discovered that Siemens’ SICAM PAS energy automation software has two high-severity and two critical flaws.

The critical weaknesses can be leveraged by an attacker on the network to obtain privileged access to the product’s database using a hardcoded password, and to cause a DoS condition and possibly execute arbitrary code. The other flaws can be used by a local attacker to recover the database password, and by a network attacker to download, upload or delete files in certain parts of the system.

Siemens released SICAM PAS 8.00 to address the password-related issues. The other security holes require access to certain ports, which organizations should block at their firewalls until a patch is made available. ICS-CERT’s advisory seems to contain some inaccuracies, but Siemens has published an advisory of its own.

Kaspersky researchers also identified a couple of high-severity flaws in Mitsubishi Electric’s MELSEC-Q programmable logic controllers (PLCs). The vulnerabilities affect QJ71E71 Ethernet interface modules and are related to weak encryption and improperly restricted remote access functionality.

Andrea Micalizzi, known online as “rgod,” discovered high-severity information disclosure, path traversal and privilege escalation issues in Advantech’s SUSIAccess product, which is designed for building custom intelligent systems. The vendor has replaced SUSIAccess with the WISE-PaaS integrated IoT platform software services, and customers have been advised to migrate to the new product.

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
