Moxa PT-7728 Series Switch Improper Authorization Vulnerability

25 June 2016

CVE: CVE-2016-4514
CVSS:CVSS Base Score 7.7 High (AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:L)
Severity: High
Product: Moxa PT-7728 Industrial Switch
Affected Versions: Version 3.4 build 15081113
Reported by: Can Demirel (https://ics-cert.us-cert.gov/advisories/ICSA-16-168-01)
Report date: 14 April 2016
Patch: Moxa has produced an update to mitigate this vulnerability. The update is available upon request.
Impact: Successful exploitation of this vulnerability may allow an attacker to access management functions. Attackers can update switch configuration.

Mitigation:

• Minimize network exposure for all control system devices and/or systems, and ensure that they are not accessible from the Internet.
• Locate control system networks and remote devices behind firewalls, and isolate them from the business network.
• When remote access is required, use secure methods, such as Virtual Private Networks (VPNs), recognizing that VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize that VPN is only as secure as the connected devices.

References: https://ics-cert.us-cert.gov/advisories/ICSA-16-168-01

Written by Can Demirel Posted in Advisory, ENGLISH, Home, ICS/SCADA