"Moxa NPort Device Flaws Can Expose Critical Infrastructure to Disruptive Attacks"
It was recently discovered that two potentially serious vulnerabilities could allow threat actors to cause significant disruption in a widely used industrial connectivity device made by Moxa. After learning about the flaws, the Taiwan-based industrial networking and automation solutions provider fixed the flaws. The two security vulnerabilities tracked as CVE-2022-2043 and CVE-2022-2044 and rated high severity affect Moxa’s NPort 5110 device servers, which are designed for connecting serial devices to Ethernet networks. It was noted that a remote attacker can exploit the vulnerabilities to cause the targeted device to enter a denial of service (DoS) condition. Moxa and the US Cybersecurity and Infrastructure Security Agency (CISA) have released advisories for the vulnerabilities. Moxa said only firmware version 2.10 is affected and instructed customers to contact its tech support department for assistance. CISA told impacted organizations to contact Moxa for a security patch. The researcher who discovered the vulnerabilities stated that exploiting both requires just a network connection to the targeted device. The researcher also noted that exploits can be executed in mere seconds and can be automated and executed via the internet. The impacted NPort devices are used worldwide, including in critical infrastructure sectors such as energy, critical manufacturing, and transportation systems.