A slew of serious vulnerabilities in the Moxa EDR-810 series of industrial secure routers could be exploited to inject OS commands, intercept weakly encrypted or extract clear text passwords, expose sensitive information, trigger a crash, and more. The existence of the flaws has been revealed by the Cisco Talos team. The good news is that they’ve all been fixed, and Moxa is urging users to implement the firmware update with the fixes as soon as possible.
Given that the vulnerabilities were discovered by Cisco Talos researcher Carlos Pacho and responsibly disclosed to Moxa, the likelihood that attackers have unearthed any of them independently and have been exploiting them is small. Nevertheless, now that their existence has been made public, potential attackers will know where to look. So Cisco has pointed out several Snort rules defenders can implement to detect attempts to exploit these vulnerabilities, as there are many reasons why some organizations may delay implementing the update.
Read more about the discovered vulnerabilities in the Moxa EDR-810 series of industrial secure routers on Help Net Security.