CVE-2016-9369

high-risk
Published 2017-02-13

An issue was discovered in Moxa NPort 5110 versions prior to 2.6, NPort 5130/5150 Series versions prior to 3.6, NPort 5200 Series versions prior to 2.8, NPort 5400 Series versions prior to 3.11, NPort 5600 Series versions prior to 3.7, NPort 5100A Series & NPort P5150A versions prior to 1.3, NPort 5200A Series versions prior to 1.3, NPort 5150AI-M12 Series versions prior to 1.2, NPort 5250AI-M12 Series versions prior to 1.2, NPort 5450AI-M12 Series versions prior to 1.2, NPort 5600-8-DT Series versions prior to 2.4, NPort 5600-8-DTL Series versions prior to 2.4, NPort 6x50 Series versions prior to 1.13.11, NPort IA5450A versions prior to v1.4. Firmware can be updated over the network without authentication, which may allow remote code execution.

Do I need to act?

~
7.4% chance of exploitation in next 30 days
EPSS score — moderate exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
9
CVSS 9.8/10 Critical
NETWORK / LOW complexity

Affected Products (10)

Nport 5100 Series Firmware
Nport 5200 Series Firmware
Nport P5150A Series Firmware
Nport 5200A Series Firmware
Nport 5X50A1-M12 Series Firmware
Nport 5600-8-Dtl Series Firmware
Nport 5400 Series Firmware
Nport 5600 Series Firmware
Nport 5100A Series Firmware
Nport 6100 Series Firmware

Affected Vendors

Moxa

References (4)

Third Party Advisory http://www.securityfocus.com/bid/85965
Third Party Advisory https://ics-cert.us-cert.gov/advisories/ICSA-16-336-02
Third Party Advisory http://www.securityfocus.com/bid/85965
Third Party Advisory https://ics-cert.us-cert.gov/advisories/ICSA-16-336-02
58
/ 100
high-risk
Severity 32/34 · Critical
Exploitability 10/34 · Low
Exposure 16/34 · Moderate