Vulnerability CVE-2016-9363


Published: 2017-02-13   Modified: 2017-02-14

Description:
An issue was discovered in Moxa NPort 5110 versions prior to 2.6, NPort 5130/5150 Series versions prior to 3.6, NPort 5200 Series versions prior to 2.8, NPort 5400 Series versions prior to 3.11, NPort 5600 Series versions prior to 3.7, NPort 5100A Series & NPort P5150A versions prior to 1.3, NPort 5200A Series versions prior to 1.3, NPort 5150AI-M12 Series versions prior to 1.2, NPort 5250AI-M12 Series versions prior to 1.2, NPort 5450AI-M12 Series versions prior to 1.2, NPort 5600-8-DT Series versions prior to 2.4, NPort 5600-8-DTL Series versions prior to 2.4, NPort 6x50 Series versions prior to 1.13.11, NPort IA5450A versions prior to v1.4. Buffer overflow vulnerability may allow an unauthenticated attacker to remotely execute arbitrary code.

CVSS2 => (AV:N/AC:L/Au:N/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.5/10
6.4/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial
Affected software
MOXA -> Nport 5100 series firmware 
MOXA -> Nport 5400 series firmware 
MOXA -> Nport 5600 series firmware 
MOXA -> Nport 5100a series firmware 
MOXA -> Nport p5150a series firmware 
MOXA -> Nport 5200 series firmware 
MOXA -> Nport 6100 series firmware 
MOXA -> Nport 5200a series firmware 
MOXA -> Nport 5x50a1-m12 series firmware 
MOXA -> Nport 5600-8-dtl series firmware 

 References:
http://www.securityfocus.com/bid/85965
https://ics-cert.us-cert.gov/advisories/ICSA-16-336-02

Copyright 2022, cxsecurity.com

 

Back to Top