Jared Rittle and Carl Hurd of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw.
The Moxa AWK-3131A networking device contains several different vulnerabilities that an attacker could exploit to carry out malicious activities in an industrial environment. The AWK-3131A is a wireless networking device that is meant to be used in large-scale, industrial cases to provide
communication across the environment in which it's deployed. This device contains several bugs that could lead to numerous malicious activities, including remote code execution and privilege escalation.
In accordance with our coordinated disclosure policy, Cisco Talos worked with Moxa to ensure that these issues are resolved and that an update is available for affected customers.
Vulnerability details
Moxa AWK-3131A iw_console privilege escalation vulnerability (TALOS-2019-0925/CVE-2019-5136)
An exploitable privilege escalation vulnerability exists in the iw_console functionality of the Moxa AWK-3131A, firmware version 1.13. A specially crafted menu selection string can cause an escape from the restricted console, resulting in system access as the root user. An attacker can send commands while authenticated as a low privilege user to trigger this vulnerability.
Read the complete vulnerability advisory here for additional information. Moxa AWK-3131A ServiceAgent use of hard-coded cryptographic key (TALOS-2019-0926/ ..
Support the originator by clicking the read the rest link below.
