Moxa AWK-3131A Series Industrial AP/Bridge/Client Vulnerabilities

Multiple product vulnerabilities were identified in Moxa’s AWK-3131A industrial AP/Bridge/Client Series. In response to this, Moxa has issued patch’s to address these vulnerabilities.

Please contact Moxa Technical Support to get the security patch.

Improper Access Control (CWE-284) – CVE-2019-5136 / TALOS-2019-0925

Improper system access as a higher privilege user. An attacker can send commands while authenticated as a low privilege user to trigger this vulnerability.

Use of Hard-coded Cryptographic Key (CWE-321)
CVE-2019-5137 / TALOS-2019-0926

Exploitable Hard-coded Cryptographic Key allows for the decryption of captured traffic.

Improper Neutralization of Special Elements used in an OS Command (CWE-78) CVE-2019-5138 / TALOS-2019-0927

Remote Command Injection to gain control over a device. An attacker can send commands while authenticated as a low privilege user to trigger this vulnerability.

Use of Hard-coded Credentials (CWE-798) CVE-2019-5139 / TALOS-2019-0928

Exploitable hard-coded credentials.

Improper Neutralization of Special Elements used in an OS Command (CWE-78) CVE-2019-5140 / TALOS-2019-0929

Remote Command Injection to gain control over a device. An attacker can send commands while authenticated as a low privilege user to trigger this vulnerability.

Improper Neutralization of Special Elements used in an OS Command (CWE-78) CVE-2019-5141 / TALOS-2019-0930

Remote Command Injection to gain control over a device. An attacker can send commands while authenticated as a low privilege user to trigger this vulnerability.

Improper Neutralization of Special Elements used in an OS Command (CWE-78) CVE-2019-5142 / TALOS-2019-0931

Remote Command Injection to gain control over a device. An attacker can send commands while authenticated as a low privilege user to trigger this vulnerability.

Buffer Copy without Checking Size of Input (CWE-120) CVE-2019-5143 / TALOS-2019-0932

This vulnerability may cause remote code execution. An attacker can send commands while authenticated as a low privilege user to trigger this vulnerability.

Out-of-bounds Read (CWE-125)
CVE-2019-5148 / TALOS-2019-0938

An attacker can send a crafted packet and cause denial-of-service of the device.

Stack-based Buffer Overflow (CWE-121) CVE-2019-5153 / TALOS-2019-0944

This vulnerability may cause remote code execution. An attacker can send commands while authenticated as a low privilege user to trigger this vulnerability.

Improper Access Control (CWE-284) CVE-2019-5162 / TALOS-2019-0955

Improper remote shell access to the device. An attacker can send commands while authenticated as a low privilege user to trigger this vulnerability.

Authentication Bypass Using an Alternate Path or Channel (CWE-288) CVE-2019-5165 / TALOS-2019-0960

An exploitable authentication bypass vulnerability. Attacker can trigger authentication bypass on specially configured device.

Jason Davies

UK based technology professional, with an interest in computer security and telecoms.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: