NPort 5000 Series Firmware Improper Validation of Integrity Check Vulnerability

CVE-2023-4929

8.8HIGH

Key Information

Vendor: Moxa
Status: NPort 5000AI-M12 Series; NPort 5100 Series; NPort 5100A Series; NPort 5200 Series
Vendor: CVE Published:; 3 October 2023

Summary

All firmware versions of the NPort 5000 Series are affected by an improper validation of integrity check vulnerability. This vulnerability results from insufficient checks on firmware updates or upgrades, potentially allowing malicious users to manipulate the firmware and gain control of devices.

Affected Version(s)

NPort 5000AI-M12 Series <= 1.5

NPort 5100 Series <= 3.10

NPort 5100A Series <= 1.6

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published.
Oct 3, 2023
Vulnerability Reserved.
Sep 13, 2023

Collectors

NVD DatabaseMitre Database