Moxa fixed the vulnerability CVE-2024-1220, which could lead to a production shutdown

Teacher

To fix the breach, you need to install the latest firmware version.

Moxa Company thanked Positive Technologies specialists for detecting a dangerous vulnerability in the NPort line of industrial wireless converters. Identified as CVE-2024-1220, this vulnerability received a high score of 8.2 on the CVSS scale and allowed an attacker to execute arbitrary code on vulnerable devices.

The NPort W2150a and W2250a converters are designed for connecting industrial controllers, meters and sensors to a local network via Wi-Fi. Such wireless communications are essential for remote monitoring and control of equipment located on moving sites or in aggressive production environments.

As explained by Vladimir Razov, an expert from the web application security analysis group at Positive Technologies, the vulnerability allowed an attacker to gain full control over the Moxa converter without authorization and in just one request. The attacker could then send commands to controllers and devices connected to the converter, disrupting the normal functioning of technological processes.

After the vendor was notified as part of the responsible disclosure policy, Moxa released a firmware update that addresses a critical vulnerability in the internal device software version 2.3. Developers strongly recommend that users update their converters to the latest version.

Cooperation between Positive Technologies experts and Moxa has been going on for several years. In 2019, thanks to the research of PT specialists, more than a dozen critical vulnerabilities in the vendor's industrial Ethernet switches were closed; they could have disrupted the network interaction of automated process control system components.
 