Moxa customers urged to patch five vulnerabilities found in MXview network management software

Moxa users are being urged to upgrade MXview to version 3.2.4 or higher to remediate five vulnerabilities discovered by Claroty’s Team82.

The issues affect the Taiwanese company’s MXview web-based network management system versions 3.x to 3.2.2 and collectively, ICS-CERT scored the vulnerabilities a 10.0, its highest criticality score.

According to Team82, an unauthenticated attacker successfully chaining two or more of these vulnerabilities could achieve remote code execution on any unpatched MXview server. 

The US Cybersecurity and Infrastructure Security Agency (CISA) released an ICS advisory for the vulnerabilities in October, noting that successful exploitation of these vulnerabilities “may allow an attacker to create or overwrite critical files to execute code, gain access to the program, obtain credentials, disable the software, read and modify otherwise inaccessible data, allow remote connections to internal communication channels, or interact and use MQTT remotely.”

The web-based network management system was designed for monitoring and managing Moxa-based devices. Team 82 disclosed five vulnerabilities (CVE-2021-38452CVE-2021-38456CVE-2021-38460CVE-2021-38458 and CVE-2021-38454) in the MXView platform. The company also provided a proof of concept showing how an attack would work. 

Bugcrowd CTO Casey Ellis said it is “an impactful set of vulnerabilities.” 

“Command injection via MQTT is an interesting and seldom discussed technique, and only goes to demonstrate the increasing complexity of

Read More: