Lumension® Endpoint Intelligence Center

Intelligence Center » News Archive » Moxa patches flaws in industrial ethernet switches

Moxa patches flaws in industrial ethernet switches

2015/08/28

Securityweek - (International) Security researchers from Applied Risk discovered serious privilege escalation, denial-of-service (DoS), and cross-site scripting (XSS) vulnerabilities affecting Moxa industrial ethernet switches that could allow an unauthenticated remote attacker to compromise the device and connected industrial assets. Moxa recently released an update addressing nine heap-based buffer overflow and classic buffer overflow vulnerabilities in its SoftCMS closed-circuit television (CCTV) central management software.

Source: http://www.securityweek.com/moxa-patches-flaws-industrial-ethernet-switches

Note: This news synopsis is taken from the DHS Daily Open Source Infrastructure Report, a daily [Monday through Friday, except US Federal holidays] summary of open-source published information concerning significant critical infrastructure issues; a 10-day archive of the DOSIR can be found at: http://www.dhs.gov/dhs-daily-open-source-infrastructure-report.


Last Updated: 27 May 2016 10:25:07