NPort 5000 Series Firmware Improper Validation of Integrity Check Vulnerability

CVE-2023-4929

6.5MEDIUM

Key Information

Vendor: Moxa
Status: Nport 5000ai-m12 Series; Nport 5100 Series; Nport 5100a Series; Nport 5200 Series
Vendor: CVE Published:; 3 October 2023

Summary

All firmware versions of the NPort 5000 Series are affected by an improper validation of integrity check vulnerability. This vulnerability results from insufficient checks on firmware updates or upgrades, potentially allowing malicious users to manipulate the firmware and gain control of devices.

Affected Version(s)

NPort 5000AI-M12 Series <= 1.5

NPort 5100 Series <= 3.10

NPort 5100A Series <= 1.6

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Risk change from: 8.8 to: 6.5 - (MEDIUM)
Sep 23, 2024
Vulnerability published.
Oct 3, 2023
Vulnerability Reserved.
Sep 13, 2023

Collectors

NVD DatabaseMitre Database