CVE-2023-4929

CWE-3543 documents3 sources

Severity

8.8HIGH

EPSS

0.0%

top 87.26%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

121

Moxa Nport 5000ai-m12 Series Moxa Nport 5100 Series Moxa Nport 5100a Series +118 more

Timeline

PublishedOct 3

Description

All firmware versions of the NPort 5000 Series are affected by an improper validation of integrity check vulnerability. This vulnerability results from insufficient checks on firmware updates or upgrades, potentially allowing malicious users to manipulate the firmware and gain control of devices.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:HExploitability: 1.2 | Impact: 5.2

Affected Packages121 packages

▶NVDmoxa/nport_ia5000a-i\/o_firmware2.0

▶NVDmoxa/nport_iaw5000a-i\/o_firmware2.2

▶NVDmoxa/nport_5110_firmware2.10

▶NVDmoxa/nport_5130_firmware3.10

▶NVDmoxa/nport_5150_firmware3.10

🔴Vulnerability Details

GHSA

GHSA-38q7-2rwv-hhrw: All firmware versions of the NPort 5000 Series are affected by an improper validation of integrity check vulnerability↗2023-10-03

▶

CVEList

NPort 5000 Series Firmware Improper Validation of Integrity Check Vulnerability↗2023-10-03

▶