AUGUST 1, 2022
[vc_row pix_particles_check=”” nav_skin=”light” consent_include=”include”][vc_column][vc_column_text]Two critical security vulnerabilities have been detected in the widely used NPort industrial connectivity appliance, manufactured by Taiwan-based industrial network and automation solutions provider Moxa, that could allow threat actors to disrupt systems.
0-day vulnerabilities tracked as CVE-2022-2043 and CVE-2022-2044 affect NPort 5110 device servers designed to connect devices to Ethernet networks. Remote threat actors can exploit security vulnerabilities to trigger a Denial of Service (DoS) condition on targeted devices. Exploiting both vulnerabilities requires network connectivity to the targeted device. Moxa has stated that the vulnerabilities only affect Firmware 2.10.
Affected NPort devices are widely used in many industries worldwide, including critical infrastructure sectors such as energy, manufacturing, and transportation systems. There are also allegations and reports that the devices in question were manipulated in 2015 attack campaigns targeting Ukraine’s electricity grid, which resulted in significant power outages. In this context, in order not to be the target of potential attacks that can be carried out by targeting critical infrastructure, it is recommended to consider the following practices:
[/vc_column_text][vc_empty_space height=”30px”][/vc_column][/vc_row]
Take control of your digital security with an exclusive demo of our powerful threat management platform.