All firmware versions of the NPort 5000 Series are affected by an improper validation of integrity check vulnerability. This vulnerability results from insufficient checks on firmware updates or upgrades, potentially allowing malicious users to manipulate the firmware and gain control of devices. 
 

The identified vulnerability type and potential impact are shown below: 

Vulnerability Scoring Details

Affected Products:

The affected products and firmware versions are shown below. 

Mitigation:

Due to design restrictions, we could not fix this vulnerability in NPort 5000 Series. We suggest users follow the instructions in the hardening guide in order to mitigate this vulnerability. Additionally, refer to the following mitigation measures to deploy the product in an appropriate product security context. 

Moxa recommends users follow these CISA recommendations. Users should 

1. Reduce network exposure by ensuring that all control system devices and systems are not accessible from the Internet. 

2. Place control system networks and remote devices behind firewalls, isolating them from business networks. 

3. When remote access is necessary, employ secure methods such as Virtual Private Networks (VPNs). It is important to note that VPNs may have vulnerabilities and should be kept up to date with the latest available version. Remember that the security of a VPN depends on the security of its connected devices. 

Acknowledgment:

We would like to express our appreciation to NETEL (Network Equipment Test and Security Evaluation Laboratory), Sharif University of Technology, Iran, for reporting the vulnerability, working with us to help enhance the security of our products, and helping us provide a better service to our customers. 

Revision History: