Authentication flaw

2021-05-1413:15:00

PRIOn knowledge base

www.prio-n.com

7.3 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

55.2%

JSON

Cleartext transmission of sensitive information via Moxa Service in NPort IA5000A series serial devices. Successfully exploiting the vulnerability could enable attackers to read authentication data, device configuration, and other sensitive data transmitted over Moxa Service.

CPENameOperatorVersion
nport_ia5150a_firmwarele1.4
nport_ia5250a_firmwarele1.4
nport_ia5450a_firmwarele1.7

Name	Operator	Version
nport_ia5150a_firmware	le	1.4
nport_ia5250a_firmware	le	1.4
nport_ia5450a_firmware	le	1.7

References

ics-cert.kaspersky.com/advisories/klcert-advisories/2021/05/11/klcert-20-021%2C

www.moxa.com/en/support/product-support/security-advisory/nport-ia5000a-serial-device-servers-vulnerabilities