NPort IAW5000A-I/O Series Hardcoded Credential Vulnerability

Vulnerability

NPort IAW5000A-I/O Series firmware versions 2.2 and prior [1] contain a hardcoded credential vulnerability (CWE-798) [1]. The presence of this hardcoded key poses a potential risk to the security and integrity of the affected device, allowing for firmware manipulation [1].

Exploitation

An attacker with local or adjacent network access to the device could exploit the hardcoded credentials to gain elevated access. The specific attack vector is not fully detailed in the available references, but the hardcoded key could be extracted from the firmware and used to manipulate the device's firmware [1].

Impact

Successful exploitation could allow an attacker to perform firmware manipulation, potentially leading to arbitrary code execution, persistent device compromise, or denial of service. The confidentiality, integrity, and availability (CIA) of the device are at risk [1].

Mitigation

Moxa has developed a security patch to address the vulnerability; users should contact Moxa Technical Support to obtain the patch [1]. As a general mitigation, Moxa recommends reducing network exposure by not connecting control-system devices directly to the Internet and placing them behind firewalls [1]. No KEV listing is referenced.