Industrial control systems used in many industries, including the energy sector, critical manufacturing, and transportation, continues to be an element of concern for security experts. Researchers have discovered several vulnerabilities in Moxa EDS and IKS industrial switches.
The Moxa industrial switches are affected by Classic Buffer Overflow, Cross-site Request Forgery, Cross-site Scripting, Improper Access Controls, Improper Restriction of Excessive Authentication Attempts, Missing Encryption of Sensitive Data, Out-of-bounds Read, Unprotected Storage of Credentials, Predictable from Observable State, and Uncontrolled Resource Consumption issues.
“Successful exploitation of these vulnerabilities could allow the reading of sensitive information, remote code execution, arbitrary configuration changes, authentication bypass, sensitive data capture, reboot of the device, device crash, or full compromise of the device.” reads the security advisory published by the ICS-CERT.
The following Moxa industrial switches are affected: by the flaws
Security experts at Positive Technologies have discovered five vulnerabilities in EDS-405A, EDS-408A, and EDS-510A industrial switches. The list of flaws includes the storage of passwords in plain text, the use of predictable session IDs, the lack of encryption for sensitive data, the lack of mechanisms for preventing brute-force attacks, and flaws that can be exploited to cause a denial-of-service (DoS) condition.
The Moxa IKS-G6824A industrial switches are affected by seven types of flaws, including a buffer overflow that can allow remote code execution, plaintext storage of passwords, multiple cross-site scripting (XSS) issues, failure to handle certain types of packets (which results in DoS), memory disclosure bugs, improper access control for the web interface, and cross-site request forgery (CSRF) flaws.
The most severe issue is a buffer overflow in the web interface that could be exploited by
The vendor already addressed many of the flaws with the release of security patches, the remaining issues can be mitigated by forcing the
(SecurityAffairs – Moxa, industrial switches)