Request a Demo
Rewterz
Rewterz Threat Alert – SNAKE Ransomware – Active IOCs
July 7, 2021
Rewterz
Rewterz Threat Alert – Dridex Banking Trojan – Active IOCs
July 7, 2021

Rewterz Threat Advisory –ICS: Moxa NPort IAW5000A-I/O Series Serial Device Server

Severity

High

Analysis Summary

CVE-2021-32968

Two buffer overflows in the built-in web server may allow a remote attacker to cause a denial-of-service condition.

CVE-2021-32976

Five buffer overflows in the built-in web server allow a remote attacker to initiate a denial-of-service attack and execute arbitrary code.

CVE-2021-32970

Data can be copied without validation in the built-in web server, which may allow a remote attacker to cause denial-of-service conditions.

CVE-2021-32974

Improper input validation in the built-in web server may allow a remote attacker to execute commands.

Impact

  • Remote Code Execution
  • Denial of Service
  • Device Crash

Affected Vendors

Moxa

Affected Products

  • NPort IAW5000A-I/O Series Wireless Device Server

Remediation

For Further information regarding patches refer to https://us-cert.cisa.gov/ics/advisories/icsa-21-187-01