Vulnerability CVE-2017-14028


Published: 2017-11-16   Modified: 2017-11-17

Description:
A Resource Exhaustion issue was discovered in Moxa NPort 5110 Version 2.2, NPort 5110 Version 2.4, NPort 5110 Version 2.6, NPort 5110 Version 2.7, NPort 5130 Version 3.7 and prior, and NPort 5150 Version 3.7 and prior. An attacker may be able to exhaust memory resources by sending a large amount of TCP SYN packets.

Type:

CWE-400

(Uncontrolled Resource Consumption ('Resource Exhaustion'))

CVSS2 => (AV:N/AC:L/Au:N/C:N/I:N/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
5/10
2.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
None
None
Partial
Affected software
MOXA -> Nport 5110 firmware 
MOXA -> Nport 5130 firmware 
MOXA -> Nport 5150 firmware 

 References:
http://www.securityfocus.com/bid/101885
https://ics-cert.us-cert.gov/advisories/ICSA-17-320-01

Copyright 2022, cxsecurity.com

 

Back to Top