MOXA NPort IAW5000A-I/O Series Cleartext Transmission of Sensitive Information (CVE-2020-25190)

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(501465);
  script_version("1.4");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/03/04");

  script_cve_id("CVE-2020-25190");

  script_name(english:"MOXA NPort IAW5000A-I/O Series Cleartext Transmission of Sensitive Information (CVE-2020-25190)");

  script_set_attribute(attribute:"synopsis", value:
"The remote OT asset is affected by a vulnerability.");
  script_set_attribute(attribute:"description", value:
"The built-in WEB server for MOXA NPort IAW5000A-I/O firmware version
2.1 or lower stores and transmits the credentials of third-party
services in cleartext.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.");
  script_set_attribute(attribute:"see_also", value:"https://us-cert.cisa.gov/ics/advisories/icsa-20-287-01");
  script_set_attribute(attribute:"solution", value:
"The following text was originally created by the Cybersecurity and Infrastructure Security Agency (CISA). The original
can be found at CISA.gov.

Moxa has released an updated firmware version for the NPort IAW5000A-I/O Series and recommends users install this update
on all affected systems.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-25190");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_cwe_id(319);

  script_set_attribute(attribute:"vuln_publication_date", value:"2020/12/23");
  script_set_attribute(attribute:"patch_publication_date", value:"2020/12/23");
  script_set_attribute(attribute:"plugin_publication_date", value:"2023/08/02");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:moxa:nport_iaw5000a-i%2fo_firmware");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Tenable.ot");

  script_copyright(english:"This script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("tenable_ot_api_integration.nasl");
  script_require_keys("Tenable.ot/Moxa");

  exit(0);
}


include('tenable_ot_cve_funcs.inc');

get_kb_item_or_exit('Tenable.ot/Moxa');

var asset = tenable_ot::assets::get(vendor:'Moxa');

var vuln_cpes = {
    "cpe:/o:moxa:nport_iaw5000a-i%2fo_firmware" :
        {"versionEndIncluding" : "2.1", "family" : "NPort"}
};

tenable_ot::cve::compare_and_report(asset:asset, cpes:vuln_cpes, severity:SECURITY_WARNING);