Vulnerability Management, Threat Management

Significant disruption likely with exploitation of Moxa NPort flaws

Malicious actors could exploit two high severity vulnerabilities in Moxa's NPort 5110 device servers, tracked as CVE-2022-2043 and CVE-2022-2044, to prompt a denial-of-service condition and cause significant disruptions, SecurityWeek reports. The Cybersecurity and Infrastructure Security Agency has already warned about the flaws, which have been identified and reported by En Garde Security researcher Jens Nielsen. Both security bugs have been discovered in March after Moxa issued proof-of-concept scripts and videos regarding vulnerability exploitation, according to En Garde Security owner Mikael Vingaard, who urged for devices to be disconnected from the internet. A ttackers could leverage the first flaw to prevent command responses from devices. "The only way to regain control of the device would be to have staff power off/power on the device, which would require a person to be physically present. This may often pose a problem in remote locations, where it could take significant time to get personnel on site, and not ideal in a situation where time to regain control may matter," added Vingaard, who noted that the second flaw may be exploited to permanently damage targeted devices.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.