
Severe Flaws Expose Moxa Industrial Routers to Attacks

Cisco’s Talos intelligence and research group has reported identifying a total of 17 vulnerabilities in an industrial router from Moxa, including many high severity command injection and denial-of-service (DoS) flaws.


The security holes have been identified in the Moxa EDR-810, an integrated industrial multiport secure router that provides firewall, NAT, VPN and managed Layer 2 switch capabilities. According to the vendor, the device is designed for controlling, monitoring and protecting critical assets, such as pumping and treatment systems in water stations, PLC and SCADA systems in factory automation applications, and DCS in oil and gas organizations.

Several of the problems found by Cisco have been described as high severity command injection vulnerabilities affecting the web server functionality of this Moxa router. The flaws allow an attacker to escalate privileges and obtain a root shell on the system by sending specially crafted HTTP POST requests to the targeted device.
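The class of bug described above, a web handler that folds an untrusted POST field into an OS command, is illustrated here with a constructed example. This is added code, not Moxa firmware or Talos proof-of-concept code, and the request bodies, the `host` parameter and the `ping` command are assumptions made for illustration. The vulnerable builder returns the string a shell would receive; the hardened builder allow-lists the field and returns an argv list for `subprocess.run(..., shell=False)`, so shell metacharacters have no effect.

```python
import re
import subprocess
from urllib.parse import parse_qs

# Constructed sample POST bodies, not captured device traffic.
BENIGN_BODY = "host=192.0.2.10"
# "%7C" decodes to "|", a shell pipe; a benign-looking value with a second command appended.
INJECTED_BODY = "host=192.0.2.10%7Cid"

# Allow-list for a hostname or IPv4 literal: letters, digits, dots, hyphens only.
HOSTNAME_RE = re.compile(r"^[A-Za-z0-9.-]{1,253}$")


def _field(body: str, name: str) -> str:
    """Return the first value of a form field from a URL-encoded POST body ('' if absent)."""
    return parse_qs(body).get(name, [""])[0]


def vulnerable_command(body: str) -> str:
    """Vulnerable pattern: interpolate the raw field into a command string.

    The returned string is what a handler doing subprocess.run(cmd, shell=True)
    would hand to /bin/sh; it is returned, not executed, so the example is safe to run.
    """
    host = _field(body, "host")
    return f"ping -c 1 {host}"


def hardened_argv(body: str) -> list:
    """Hardened pattern: validate against an allow-list and build an argv list.

    Rejects anything outside the hostname character set, and the list form means
    the value reaches ping as a single argument even if it contained '|' or ';'.
    """
    host = _field(body, "host")
    if not HOSTNAME_RE.fullmatch(host):
        raise ValueError("rejected host parameter")
    return ["ping", "-c", "1", host]


def hardened_run(body: str) -> subprocess.CompletedProcess:
    """Execute the validated argv without a shell (not called by the self-test)."""
    return subprocess.run(hardened_argv(body), shell=False, capture_output=True, check=False)


if __name__ == "__main__":
    print("vulnerable, injected body ->", repr(vulnerable_command(INJECTED_BODY)))
    print("hardened, benign body     ->", hardened_argv(BENIGN_BODY))
    try:
        hardened_argv(INJECTED_BODY)
    except ValueError as exc:
        print("hardened, injected body   -> rejected:", exc)
```

Running the script shows the vulnerable builder producing `ping -c 1 192.0.2.10|id`, two commands once a shell parses it, while the hardened builder refuses the same body before any process is spawned. The same two-step defence, a strict allow-list on the input plus argv-style execution, applies regardless of which command the handler wraps.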

The industrial router is also impacted by several high severity DoS flaws that can be exploited by sending specially crafted requests to the device.

There are also four medium severity issues related to the transmission of passwords in clear text, information disclosure involving the Server Agent functionality, and the use of weakly encrypted or clear text passwords. Cisco has made available technical details and proof-of-concept (PoC) code for each of the vulnerabilities.


The vulnerabilities have been reproduced on Moxa EDR-810 v4.1 devices, and they have been patched by the vendor with the release of version 4.2 on April 12. The issues were reported to Moxa in mid-to-late November 2017, which means it took the company roughly 150 days to release a fix – this is the average patching time for SCADA systems, according to a report published last year by ZDI.

This was not the first time Talos researchers found vulnerabilities in Moxa products. Last year, Talos published advisories describing more than a dozen security holes uncovered in Moxa access points.

This is also not the first time security experts have found weaknesses in Moxa’s EDR routers. Back in 2016, researcher Maxim Rupp identified multiple high severity vulnerabilities that could have been exploited for DoS attacks, privilege escalation, and arbitrary code execution.


Related: Hundreds of Moxa Devices Similar to Ones Targeted in Ukraine Power Grid Hack Vulnerable to Remote Attacks

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
