CVE-2023-4929
6.5
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
Summary
All firmware versions of the NPort 5000 Series are affected by an improper validation of integrity check vulnerability. This vulnerability results from insufficient checks on firmware updates or upgrades, potentially allowing malicious users to manipulate the firmware and gain control of devices.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Moxa | NPort 5000AI-M12 Series | 1.0 <= 1.5 | affected |
| Moxa | NPort 5100 Series | 1.0 <= 3.10 | affected |
| Moxa | NPort 5100A Series | 1.0 <= 1.6 | affected |
| Moxa | NPort 5200 Series | 1.0 <= 2.12 | affected |
| Moxa | NPort 5200A Series | 1.0 <= 1.6 | affected |
| Moxa | NPort 5400 Series | 1.0 <= 3.14 | affected |
| Moxa | NPort 5600 Series | 1.0 <= 3.11 | affected |
| Moxa | NPort 5600-DT Series | 1.0 <= 2.9 | affected |
| Moxa | NPort IA5000 Series | 1.0 <= 2.1 | affected |
| Moxa | NPort IA5000A Series | 1.0 <= 2.0 | affected |
| Moxa | NPort IA5000A-I/O Series | 1.0 <= 2.0 | affected |
| Moxa | NPort IAW5000A-I/O Series | 1.0 <= 2.2 | affected |
| Moxa | NPort P5150A Series | 1.0 <= 1.6 | affected |
Weaknesses
- CWE-354: CWE-354 Improper Validation of Integrity Check Value
ADP Enrichment
CVE Program Container
Additional References
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.