CVE-2023-4929 NPort 5000 Series Firmware Improper Validation of Integrity Check Vulnerability

🗓️ 03 Oct 2023 13:54:49Reported by MoxaType

NPort 5000 Series Firmware Integrity Check Vulnerabilit

Reporter	Title	Published	Views	Family All 11
BDU FSTEC	The vulnerability of the microprogramming software of Moxa NPort series 5000 devices stems from insufficient checks on the integrity of the firmware. Exploiting this vulnerability can allow a malicious actor to gain control over the vulnerable device remotely.	6 Oct 202300:00	–	bdu_fstec
Circl	CVE-2023-4929	3 Oct 202318:46	–	circl
CNNVD	MOXA NPort 5000 Series Security Breach	3 Oct 202300:00	–	cnnvd
CVE	CVE-2023-4929	3 Oct 202313:54	–	cve
EUVD	EUVD-2023-54765	3 Oct 202520:07	–	euvd
NVD	CVE-2023-4929	3 Oct 202314:15	–	nvd
OSV	CVE-2023-4929	3 Oct 202314:15	–	osv
Prion	Input validation	3 Oct 202314:15	–	prion
RedhatCVE	CVE-2023-4929	23 May 202504:25	–	redhatcve
Tenable Nessus	Moxa NPort 5000 Series Improper Validation of Integrity Check Value (CVE-2023-4929)	6 Oct 202300:00	–	nessus

[
  {
    "defaultStatus": "unaffected",
    "product": "NPort 5000AI-M12 Series",
    "vendor": "Moxa",
    "versions": [
      {
        "lessThanOrEqual": "1.5",
        "status": "affected",
        "version": "1.0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "NPort 5100 Series",
    "vendor": "Moxa",
    "versions": [
      {
        "lessThanOrEqual": "3.10",
        "status": "affected",
        "version": "1.0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "NPort 5100A Series ",
    "vendor": "Moxa",
    "versions": [
      {
        "lessThanOrEqual": "1.6",
        "status": "affected",
        "version": "1.0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "NPort 5200 Series",
    "vendor": "Moxa",
    "versions": [
      {
        "lessThanOrEqual": "2.12",
        "status": "affected",
        "version": "1.0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "NPort 5200A Series",
    "vendor": "Moxa",
    "versions": [
      {
        "lessThanOrEqual": "1.6",
        "status": "affected",
        "version": "1.0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "NPort 5400 Series",
    "vendor": "Moxa",
    "versions": [
      {
        "lessThanOrEqual": "3.14",
        "status": "affected",
        "version": "1.0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "NPort 5600 Series",
    "vendor": "Moxa",
    "versions": [
      {
        "lessThanOrEqual": "3.11",
        "status": "affected",
        "version": "1.0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "NPort 5600-DT Series",
    "vendor": "Moxa",
    "versions": [
      {
        "lessThanOrEqual": "2.9",
        "status": "affected",
        "version": "1.0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "NPort IA5000 Series",
    "vendor": "Moxa",
    "versions": [
      {
        "lessThanOrEqual": "2.1",
        "status": "affected",
        "version": "1.0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "NPort IA5000A Series",
    "vendor": "Moxa",
    "versions": [
      {
        "lessThanOrEqual": "2.0",
        "status": "affected",
        "version": "1.0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "NPort IA5000A-I/O Series",
    "vendor": "Moxa",
    "versions": [
      {
        "lessThanOrEqual": "2.0",
        "status": "affected",
        "version": "1.0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "NPort IAW5000A-I/O Series",
    "vendor": "Moxa",
    "versions": [
      {
        "lessThanOrEqual": "2.2",
        "status": "affected",
        "version": "1.0",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "NPort P5150A Series",
    "vendor": "Moxa",
    "versions": [
      {
        "lessThanOrEqual": "1.6",
        "status": "affected",
        "version": "1.0",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
moxa	www.moxa.com/en/support/product-support/security-advisory/mpsa-233328-nport-5000-series-firmware-improper-validation-of-integrity-check-vulnerability

03 Oct 2023 13:54Current

9High risk

Vulners AI Score9

CVSS 3.16.5

EPSS0.00042

CWE-354