Lucene search

HistoryAug 02, 2023 - 12:00 a.m.

Moxa MGate Man-in-The-Middle (CVE-2022-27048)

2023-08-0200:00:00

www.tenable.com

moxa

mgate

vulnerability

man-in-the-middle

attack

mb3170

mb3270

mb3280

mb3480

firmware

5.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

7.4 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

0.001 Low

EPSS

Percentile

49.2%

JSON

A vulnerability has been discovered in Moxa MGate which allows an attacker to perform a man-in-the-middle (MITM) attack on the device.
This affects MGate MB3170 Series Firmware Version 4.2 or lower. and MGate MB3270 Series Firmware Version 4.2 or lower. and MGate MB3280 Series Firmware Version 4.1 or lower. and MGate MB3480 Series Firmware Version 3.2 or lower.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(501429);
  script_version("1.1");
  script_set_attribute(attribute:"plugin_modification_date", value:"2023/08/03");

  script_cve_id("CVE-2022-27048");

  script_name(english:"Moxa MGate Man-in-The-Middle (CVE-2022-27048)");

  script_set_attribute(attribute:"synopsis", value:
"The remote OT asset is affected by a vulnerability.");
  script_set_attribute(attribute:"description", value:
"A vulnerability has been discovered in Moxa MGate which allows an
attacker to perform a man-in-the-middle (MITM) attack on the device.
This affects MGate MB3170 Series Firmware Version 4.2 or lower. and
MGate MB3270 Series Firmware Version 4.2 or lower. and MGate MB3280
Series Firmware Version 4.1 or lower. and MGate MB3480 Series Firmware
Version 3.2 or lower.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.");
  # https://www.moxa.com/en/support/product-support/security-advisory/mgate-mb3170-mb3270-mb3280-mb3480-protocol-gateways-vulnerability
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?d76df69f");
  script_set_attribute(attribute:"solution", value:
"Refer to the vendor advisory.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2022-27048");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2022/04/15");
  script_set_attribute(attribute:"patch_publication_date", value:"2022/04/15");
  script_set_attribute(attribute:"plugin_publication_date", value:"2023/08/02");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:moxa:mgate_mb3170-m-sc-t_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:moxa:mgate_mb3170-m-sc_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:moxa:mgate_mb3170-m-st-t_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:moxa:mgate_mb3170-m-st_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:moxa:mgate_mb3170-s-sc-t_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:moxa:mgate_mb3170-s-sc_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:moxa:mgate_mb3170-t_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:moxa:mgate_mb3170_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:moxa:mgate_mb3170i-m-sc-t_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:moxa:mgate_mb3170i-m-sc_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:moxa:mgate_mb3170i-s-sc-t_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:moxa:mgate_mb3170i-s-sc_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:moxa:mgate_mb3170i-t_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:moxa:mgate_mb3170i_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:moxa:mgate_mb3270-t_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:moxa:mgate_mb3270_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:moxa:mgate_mb3270i-t_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:moxa:mgate_mb3270i_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:moxa:mgate_mb3280_firmware");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:moxa:mgate_mb3480_firmware");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Tenable.ot");

  script_copyright(english:"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("tenable_ot_api_integration.nasl");
  script_require_keys("Tenable.ot/Moxa");

  exit(0);
}


include('tenable_ot_cve_funcs.inc');

get_kb_item_or_exit('Tenable.ot/Moxa');

var asset = tenable_ot::assets::get(vendor:'Moxa');

var vuln_cpes = {
    "cpe:/o:moxa:mgate_mb3170i_firmware" :
        {"versionEndIncluding" : "4.2", "family" : "MoxaMGate"},
    "cpe:/o:moxa:mgate_mb3170i-t_firmware" :
        {"versionEndIncluding" : "4.2", "family" : "MoxaMGate"},
    "cpe:/o:moxa:mgate_mb3170-m-st_firmware" :
        {"versionEndIncluding" : "4.2", "family" : "MoxaMGate"},
    "cpe:/o:moxa:mgate_mb3170-m-sc-t_firmware" :
        {"versionEndIncluding" : "4.2", "family" : "MoxaMGate"},
    "cpe:/o:moxa:mgate_mb3170_firmware" :
        {"versionEndIncluding" : "4.2", "family" : "MoxaMGate"},
    "cpe:/o:moxa:mgate_mb3170-t_firmware" :
        {"versionEndIncluding" : "4.2", "family" : "MoxaMGate"},
    "cpe:/o:moxa:mgate_mb3170-m-sc_firmware" :
        {"versionEndIncluding" : "4.2", "family" : "MoxaMGate"},
    "cpe:/o:moxa:mgate_mb3170i-s-sc_firmware" :
        {"versionEndIncluding" : "4.2", "family" : "MoxaMGate"},
    "cpe:/o:moxa:mgate_mb3270i_firmware" :
        {"versionEndIncluding" : "4.2", "family" : "MoxaMGate"},
    "cpe:/o:moxa:mgate_mb3270i-t_firmware" :
        {"versionEndIncluding" : "4.2", "family" : "MoxaMGate"},
    "cpe:/o:moxa:mgate_mb3170i-m-sc_firmware" :
        {"versionEndIncluding" : "4.2", "family" : "MoxaMGate"},
    "cpe:/o:moxa:mgate_mb3170-s-sc-t_firmware" :
        {"versionEndIncluding" : "4.2", "family" : "MoxaMGate"},
    "cpe:/o:moxa:mgate_mb3170i-m-sc-t_firmware" :
        {"versionEndIncluding" : "4.2", "family" : "MoxaMGate"},
    "cpe:/o:moxa:mgate_mb3270_firmware" :
        {"versionEndIncluding" : "4.2", "family" : "MoxaMGate"},
    "cpe:/o:moxa:mgate_mb3270-t_firmware" :
        {"versionEndIncluding" : "4.2", "family" : "MoxaMGate"},
    "cpe:/o:moxa:mgate_mb3170-s-sc_firmware" :
        {"versionEndIncluding" : "4.2", "family" : "MoxaMGate"},
    "cpe:/o:moxa:mgate_mb3170-m-st-t_firmware" :
        {"versionEndIncluding" : "4.2", "family" : "MoxaMGate"},
    "cpe:/o:moxa:mgate_mb3170i-s-sc-t_firmware" :
        {"versionEndIncluding" : "4.2", "family" : "MoxaMGate"},
    "cpe:/o:moxa:mgate_mb3280_firmware" :
        {"versionEndIncluding" : "4.1", "family" : "MoxaMGate"},
    "cpe:/o:moxa:mgate_mb3480_firmware" :
        {"versionEndIncluding" : "3.2", "family" : "MoxaMGate"}
};

tenable_ot::cve::compare_and_report(asset:asset, cpes:vuln_cpes, severity:SECURITY_WARNING);

VendorProductVersionCPE
moxamgate_mb3170-m-sc-t_firmwarecpe:/o:moxa:mgate_mb3170-m-sc-t_firmware
moxamgate_mb3170-m-sc_firmwarecpe:/o:moxa:mgate_mb3170-m-sc_firmware
moxamgate_mb3170-m-st-t_firmwarecpe:/o:moxa:mgate_mb3170-m-st-t_firmware
moxamgate_mb3170-m-st_firmwarecpe:/o:moxa:mgate_mb3170-m-st_firmware
moxamgate_mb3170-s-sc-t_firmwarecpe:/o:moxa:mgate_mb3170-s-sc-t_firmware
moxamgate_mb3170-s-sc_firmwarecpe:/o:moxa:mgate_mb3170-s-sc_firmware
moxamgate_mb3170-t_firmwarecpe:/o:moxa:mgate_mb3170-t_firmware
moxamgate_mb3170_firmwarecpe:/o:moxa:mgate_mb3170_firmware
moxamgate_mb3170i-m-sc-t_firmwarecpe:/o:moxa:mgate_mb3170i-m-sc-t_firmware
moxamgate_mb3170i-m-sc_firmwarecpe:/o:moxa:mgate_mb3170i-m-sc_firmware

Vendor	Product	CPE
moxa	mgate_mb3170-m-sc-t_firmware	cpe:/o:moxa:mgate_mb3170-m-sc-t_firmware
moxa	mgate_mb3170-m-sc_firmware	cpe:/o:moxa:mgate_mb3170-m-sc_firmware
moxa	mgate_mb3170-m-st-t_firmware	cpe:/o:moxa:mgate_mb3170-m-st-t_firmware
moxa	mgate_mb3170-m-st_firmware	cpe:/o:moxa:mgate_mb3170-m-st_firmware
moxa	mgate_mb3170-s-sc-t_firmware	cpe:/o:moxa:mgate_mb3170-s-sc-t_firmware
moxa	mgate_mb3170-s-sc_firmware	cpe:/o:moxa:mgate_mb3170-s-sc_firmware
moxa	mgate_mb3170-t_firmware	cpe:/o:moxa:mgate_mb3170-t_firmware
moxa	mgate_mb3170_firmware	cpe:/o:moxa:mgate_mb3170_firmware
moxa	mgate_mb3170i-m-sc-t_firmware	cpe:/o:moxa:mgate_mb3170i-m-sc-t_firmware
moxa	mgate_mb3170i-m-sc_firmware	cpe:/o:moxa:mgate_mb3170i-m-sc_firmware

Rows per page:

1-10 of 201

References

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27048

www.nessus.org/u?d76df69f

5.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

7.4 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

0.001 Low

EPSS

Percentile

49.2%

JSON

Related for TENABLE_OT_MOXA_CVE-2022-27048.NASL