The remote Windows host has a version earlier than 2.3 of the Moxa Device Manager (MDM) Tool, used for managing embedded industrial control systems across the Internet. Such versions are affected by a buffer overflow vulnerability that can be triggered using a specially crafted MDM2_Gateway response.
If an attacker can trick a user into connecting with the affected application to a malicious gateway, he can leverage this issue to execute arbitrary code on the affected host, subject to the userβs privileges.
Binary data moxa_mdmtool_2_3.nbin