Moxa, an industry network, computing and automation solutions provider is updating one of its secure industrial routers addressing many if the high severity flaws that can be executed via Denial of service attacks, privilege elevations and also arbitrary code execution.
The Moxa router EDR-G903 series is high performance. It is an industrial router that gives clients a firewall, VPN and NAT functions. The router is available in the United States, Europe, and South America at the moment and is used in various industries which include critical manufacturing, commercial facilities. It is also used in the energy and emergency services sectors.
A researcher who is well versed in ICS security, Maxim Rupp, disclosed that the router was full of vulnerabilities and was highly filled with some severity flaws which could be exploited. He told reporters that he most of the devices that were at-risk of being exploited were connected to the Internet.
He researched and analyzed the Moxa EDR-G903 routers and managed to discover that the configuration and log files which were accessed on the web server had been simply accessed by a specific URL (CVE-2016-0875). Another problem was that the configuration files could only store passwords in plain text (CVE-2016-0876).
The security researcher also found out that the configuration and log files had been imported and were not deleted from the server which allowed any attacker even those without authentication to download them by using a specific URL (CVE-2016-0879). The device can also be forced to enter DDoS condition if an attacker can send malicious requests to the device. (CVE-2016-087). The last thing that he noticed was that the Moxa router ping function could be used by anyone which would lead to a memory leak. (CVE-2016-0877).
The software versions of the EDR-G903 which are affected include the 3.4.11 and older versions than that. Moxa at the moment says that they have posted an update to the problem with the release of their 3.4.12 software version. Rupp did not have time to test the firmware update that the company is claiming to have released. Therefore, he could not confirm if the issues of the router had been fixed.
Maxim Rupp is a security researcher who is also known to have discovered security flaws in the Accuenergy Accuvun power meters, the Sierra Wireless’ ACEmanager, XZERES wind turbines, the Tollgrade’s Lighthouse SMS power distribution system and monitoring product. He has also worked on the Honeywell’s Tuxedo Touch automation controllers and the Midas gas detectors, the Chiyu Technology and the ICONICS HMI, which is we based.