Skip to main content

Nport 5150Ai M12 Ct T Firmware CVE-2023-4929

HIGH
Improper Validation of Integrity Check Value (CWE-354)
2023-10-03 psirt@moxa.com
Information Disclosure Nport 5150Ai M12 Ct T Firmware Nport 5250Ai M12 Ct T Firmware Nport 5150Ai M12 T Firmware Nport 5250Ai M12 T Firmware Nport 5450Ai M12 Ct T Firmware Nport 5150Ai M12 Firmware Nport 5250Ai M12 Firmware Nport 5150Ai M12 Ct Firmware Nport 5250Ai M12 Ct Firmware Nport 5450Ai M12 T Firmware Nport 5450Ai M12 Firmware Nport 5450Ai M12 Ct Firmware Nport 5130 Firmware Nport 5150 Firmware Nport 5110 Firmware Nport 5110 T Firmware Nport 5110A Firmware Nport 5110A T Firmware Nport 5130A Firmware Nport 5130A T Firmware Nport 5150A Firmware Nport 5150A T Firmware Nport 5210A Firmware Nport 5210A T Firmware Nport 5230A Firmware Nport 5230A T Firmware Nport 5250A Firmware Nport 5250A T Firmware Nport 5210 Firmware Nport 5232 Firmware Nport 5210 T Firmware Nport 5232 T Firmware Nport 5230 T Firmware Nport 5232I T Firmware Nport 5230 Firmware Nport 5232I Firmware Nport 5410 Firmware Nport 5430 Firmware Nport 5450 Firmware Nport 5450I Firmware Nport 5450 T Firmware Nport 5450I T Firmware Nport 5610 8 48V Firmware Nport 5630 16 Firmware Nport 5630 8 Firmware Nport 5650 8 Firmware Nport 5610 16 Firmware Nport 5650 8 M Sc Firmware Nport 5650 8 T Firmware Nport 5650 16 S Sc Firmware Nport 5650 8 Hv T Firmware Nport 5650 16 T Firmware Nport 5650 16 Firmware Nport 5650 16 Hv T Firmware Nport 5610 8 Firmware Nport 5610 16 48V Firmware Nport 5650 8 S Sc Firmware Nport 5650 16 M Sc Firmware Nport 5610 8 Dt Firmware Nport 5610 8 Dt J Firmware Nport 5650 8 Dt Firmware Nport 5650 8 Dt J Firmware Nport 5650I 8 Dt Firmware Nport 5610 8 Dt T Firmware Nport 5650I 8 Dt T Firmware Nport 5650 8 Dt T Firmware Nport Ia 5150 Firmware Nport Ia 5150I Firmware Nport Ia 5150 M Sc Firmware Nport Ia 5150I M Sc Firmware Nport Ia 5150 S Sc Firmware Nport Ia 5150I S Sc Firmware Nport Ia 5150 T Firmware Nport Ia 5150I T Firmware Nport Ia 5150 M Sc T Firmware Nport Ia 5150I M Sc T Firmware Nport Ia 5150 S Sc T Firmware Nport Ia 5150I S Sc T Firmware Nport Ia 5250 Firmware Nport Ia 5250 T Firmware Nport Ia 5150 M St Firmware Nport Ia 5150 M St T Firmware Nport Ia 5250I Firmware Nport Ia 5250I T Firmware Nport Ia5450A Firmware Nport Ia5450Ai Firmware Nport Ia5450Ai T Firmware Nport Ia5450A T Firmware Nport Ia5150A Firmware Nport Ia5150Ai Firmware Nport Ia5150Ai T Firmware Nport Ia5150A T Firmware Nport Ia5250A Firmware Nport Ia5250Ai Firmware Nport Ia5250Ai T Firmware Nport Ia5250A T Firmware Nport Ia5150A Iex Firmware Nport Ia5150Ai Iex Firmware Nport Ia5150Ai T Iex Firmware Nport Ia5150A T Iex Firmware Nport Ia5250A Iex Firmware Nport Ia5250Ai Iex Firmware Nport Ia5250Ai T Iex Firmware Nport Ia5250A T Iex Firmware Nport Ia5000A I O Firmware Nport Iaw5000A I O Firmware Nport P5150A Firmware Nport P5150A T Firmware
8.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
8.8 HIGH
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
Oct 03, 2023 - 14:15 nvd
HIGH 8.8

DescriptionNVD

All firmware versions of the NPort 5000 Series are affected by an improper validation of integrity check vulnerability. This vulnerability results from insufficient checks on firmware updates or upgrades, potentially allowing malicious users to manipulate the firmware and gain control of devices.

AnalysisAI

All firmware versions of the NPort 5000 Series are affected by an improper validation of integrity check vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified under CWE-354. All firmware versions of the NPort 5000 Series are affected by an improper validation of integrity check vulnerability. This vulnerability results from insufficient checks on firmware updates or upgrades, potentially allowing malicious users to manipulate the firmware and gain control of devices. Affected products include: Moxa Nport 5150Ai-M12-Ct-T Firmware, Moxa Nport 5250Ai-M12-Ct-T Firmware, Moxa Nport 5150Ai-M12-T Firmware, Moxa Nport 5250Ai-M12-T Firmware, Moxa Nport 5450Ai-M12-Ct-T Firmware.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

Share

CVE-2023-4929 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy