Lucene search
This script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.TENABLE_OT_MOXA_CVE-2023-4452.NASLHistoryNov 09, 2023 - 12:00 a.m.
Moxa EDR Products Denial of Service (CVE-2023-4452)
2023-11-0900:00:00
This script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
4
moxa
edr products
denial of service
vulnerability
cve-2023-4452
edr-810
edr-g902
edr-g903
insufficient input validation
device reboot
tenable.ot
security advisory
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
0.001
Percentile
17.0%
A vulnerability has been identified in the EDR-810, EDR-G902, and EDR-G903 Series, making them vulnerable to the denial-of-service vulnerability. This vulnerability stems from insufficient input validation in the URI, potentially enabling malicious users to trigger the device reboot.
This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
include('compat.inc');
if (description)
{
script_id(501764);
script_version("1.4");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/02/21");
script_cve_id("CVE-2023-4452");
script_name(english:"Moxa EDR Products Denial of Service (CVE-2023-4452)");
script_set_attribute(attribute:"synopsis", value:
"The remote OT asset is affected by a vulnerability.");
script_set_attribute(attribute:"description", value:
"A vulnerability has been identified in the EDR-810, EDR-G902, and
EDR-G903 Series, making them vulnerable to the denial-of-service
vulnerability. This vulnerability stems from insufficient input
validation in the URI, potentially enabling malicious users to trigger
the device reboot.
This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.");
# https://www.moxa.com/en/support/product-support/security-advisory/mpsa-234880-edr-810-g902-g903-series-web-server-buffer-overflow-vulnerability
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?9967a61f");
script_set_attribute(attribute:"solution", value:
"Refer to the vendor advisory.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2023-4452");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_cwe_id(120);
script_set_attribute(attribute:"vuln_publication_date", value:"2023/11/01");
script_set_attribute(attribute:"patch_publication_date", value:"2023/11/01");
script_set_attribute(attribute:"plugin_publication_date", value:"2023/11/09");
script_set_attribute(attribute:"plugin_type", value:"remote");
script_set_attribute(attribute:"cpe", value:"cpe:/o:moxa:edr-810-2gsfp-t_firmware");
script_set_attribute(attribute:"cpe", value:"cpe:/o:moxa:edr-810-2gsfp_firmware");
script_set_attribute(attribute:"cpe", value:"cpe:/o:moxa:edr-810-vpn-2gsfp-t_firmware");
script_set_attribute(attribute:"cpe", value:"cpe:/o:moxa:edr-810-vpn-2gsfp_firmware");
script_set_attribute(attribute:"cpe", value:"cpe:/o:moxa:edr-g902-t_firmware");
script_set_attribute(attribute:"cpe", value:"cpe:/o:moxa:edr-g902_firmware");
script_set_attribute(attribute:"cpe", value:"cpe:/o:moxa:edr-g903-t_firmware");
script_set_attribute(attribute:"cpe", value:"cpe:/o:moxa:edr-g903_firmware");
script_set_attribute(attribute:"generated_plugin", value:"former");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Tenable.ot");
script_copyright(english:"This script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("tenable_ot_api_integration.nasl");
script_require_keys("Tenable.ot/Moxa");
exit(0);
}
include('tenable_ot_cve_funcs.inc');
get_kb_item_or_exit('Tenable.ot/Moxa');
var asset = tenable_ot::assets::get(vendor:'Moxa');
var vuln_cpes = {
"cpe:/o:moxa:edr-g903_firmware" :
{"versionEndExcluding" : "5.7.21", "family" : "EDR"},
"cpe:/o:moxa:edr-g903-t_firmware" :
{"versionEndExcluding" : "5.7.21", "family" : "EDR"},
"cpe:/o:moxa:edr-g902_firmware" :
{"versionEndExcluding" : "5.7.21", "family" : "EDR"},
"cpe:/o:moxa:edr-g902-t_firmware" :
{"versionEndExcluding" : "5.7.21", "family" : "EDR"},
"cpe:/o:moxa:edr-810-vpn-2gsfp_firmware" :
{"versionEndExcluding" : "5.12.29", "family" : "EDR"},
"cpe:/o:moxa:edr-810-vpn-2gsfp-t_firmware" :
{"versionEndExcluding" : "5.12.29", "family" : "EDR"},
"cpe:/o:moxa:edr-810-2gsfp_firmware" :
{"versionEndExcluding" : "5.12.29", "family" : "EDR"},
"cpe:/o:moxa:edr-810-2gsfp-t_firmware" :
{"versionEndExcluding" : "5.12.29", "family" : "EDR"}
};
tenable_ot::cve::compare_and_report(asset:asset, cpes:vuln_cpes, severity:SECURITY_HOLE);
Related
cvelist
cvelist
CVE-2023-4452 Web Server Buffer Overflow Vulnerability
2023-11-01 14:24:05
prion
prion
Input validation
2023-11-01 15:15:00
vulnrichment
vulnrichment
CVE-2023-4452 Web Server Buffer Overflow Vulnerability
2023-11-01 14:24:05
cve
cve
CVE-2023-4452
2023-11-01 15:15:08
nvd
nvd
CVE-2023-4452
2023-11-01 15:15:08
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
0.001
Percentile
17.0%
Related for TENABLE_OT_MOXA_CVE-2023-4452.NASL