SCADA Vulnerabilities & Exposures (SVE)

CRITIFENCE® SCADA Vulnerabilities and Exposures Database (SVE)

[SVE-577578955] Moxa OnCell

| Date | Type | Platform | Author | EDB-ID | CVE-ID | OSVDB-ID | Download | App | SIS Signature |
| --- | --- | --- | --- | --- | --- | --- | --- | --- | --- |
| 2017-05-23 | Other | Moxa | Independent researcher Maxim Rupp identified the vulnerabilities. | N/A | CVE-2017-7915, CVE-2017-7913, CVE-2017-7917 | N/A | N/A | N/A | |

Source

#
# Moxa OnCell
#


### VULNERABLE VENDOR
Moxa


### VULNERABLE PRODUCT
OnCell



### RESEARCHER
Independent researcher Maxim Rupp identified the vulnerabilities.



### AFFECTED PRODUCTS

The following versions of OnCell, a high-speed industrial-grade IP gateway, are affected:

OnCell G3110-HSPA Version 1.3 build 15082117 and previous versions,
OnCell G3110-HSDPA Version 1.2 Build 09123015 and previous versions,
OnCell G3150-HSDPA Version 1.4 Build 11051315 and previous versions,
OnCell 5104-HSDPA,
OnCell 5104-HSPA, and
OnCell 5004-HSPA.



### IMPACT

Successful exploitation of these vulnerabilities may allow an attacker to use brute force to determine parameters needed to access the application. An attacker may also obtain credentials from files that store passwords in clear text.



### VULNERABILITY OVERVIEW

IMPROPER RESTRICTION OF EXCESSIVE AUTHENTICATION ATTEMPTS CWE-307
An attacker can freely use brute force to determine parameters needed to bypass authentication.
CVE-2017-7915 has been assigned to this vulnerability.
A CVSS v3 base score of 9.8 has been assigned; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)


PLAINTEXT STORAGE OF A PASSWORD CWE-256
The application's configuration file contains parameters that represent passwords in plaintext.
CVE-2017-7913 has been assigned to this vulnerability.
A CVSS v3 base score of 7.3 has been assigned; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)


CROSS-SITE REQUEST FORGERY CWE-352
The application does not sufficiently verify if a request was intentionally provided by the user who submitted the request, which could allow an attacker to modify the configuration of the device.
CVE-2017-7917 has been assigned to this vulnerability.
A CVSS v3 base score of 9.8 has been assigned; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)





### BACKGROUND

Critical Infrastructure Sectors: Commercial Facilities, Critical Manufacturing, Energy, Transportation Systems
Countries/Areas Deployed: Worldwide
Company Headquarters Location: Taiwan




### MITIGATION

Moxa recommends the following mitigations:

For OnCell G31x0-HSPA and OnCell 5x04-HSPA devices, users should upgrade to the latest official firmware, Version 1.4 or above.

For OnCell G31x0-HSDPA and OnCell 5x04-HSDPA devices, users should disable HTTP and use another interface, such as HTTPS, to access the web UI, or use SNMP/Telnet. Moxa reports that the HSDPA devices have been phased out. If further assistance is needed, please contact Moxa.