Severity
Medium
Analysis Summary
CVE-2020-25198
The built-in web server has incorrectly implemented protections against session fixation, which may allow an attacker to gain access to a session and hijack it by stealing the user's cookies.
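The defence against session fixation is to discard the identifier a browser held before authentication and bind the logged-in state to a freshly generated one. The following Python is an added illustration written for this advisory, not code from the NPort firmware or from MOXA: the `SessionStore` class, its `rotate_on_login` switch and the `preauth_id_valid_after_login` check are all hypothetical. It contrasts a store that keeps the pre-authentication id (the behaviour the advisory describes as incorrectly protected) with one that rotates it.

```python
import secrets
from dataclasses import dataclass
from typing import Dict, Optional


@dataclass
class Session:
    """Server-side session state (hypothetical minimal model)."""
    user: Optional[str] = None
    authenticated: bool = False


class SessionStore:
    """Minimal server-side session store used to demonstrate id rotation.

    rotate_on_login=False mirrors a server that leaves the pre-auth id in place;
    rotate_on_login=True is the hardened behaviour.
    """

    def __init__(self, rotate_on_login: bool) -> None:
        self.rotate_on_login = rotate_on_login
        self._sessions: Dict[str, Session] = {}

    def new_session(self) -> str:
        # Unpredictable id from the OS CSPRNG; never derive it from user input.
        sid = secrets.token_urlsafe(32)
        self._sessions[sid] = Session()
        return sid

    def login(self, sid: str, user: str) -> str:
        """Authenticate and return the id the browser must use from now on."""
        sess = self._sessions.get(sid)
        if sess is None:
            # Never adopt an id the server did not issue; mint a fresh one instead.
            sid = self.new_session()
            sess = self._sessions[sid]
        if not self.rotate_on_login:
            # Vulnerable variant: authenticated state stays bound to the old id.
            sess.user = user
            sess.authenticated = True
            return sid
        # Hardened variant: invalidate the pre-auth id and issue a new one.
        del self._sessions[sid]
        new_sid = secrets.token_urlsafe(32)
        self._sessions[new_sid] = Session(user=user, authenticated=True)
        return new_sid

    def is_authenticated(self, sid: str) -> bool:
        sess = self._sessions.get(sid)
        return bool(sess and sess.authenticated)


def preauth_id_valid_after_login(rotate_on_login: bool) -> bool:
    """Check whether an id issued before login still grants access after login.

    True means the server is exposed to session fixation; False means the
    pre-authentication id was correctly retired.
    """
    store = SessionStore(rotate_on_login)
    preauth_sid = store.new_session()     # id that existed before authentication
    store.login(preauth_sid, "admin")     # user authenticates with that id
    return store.is_authenticated(preauth_sid)


if __name__ == "__main__":
    print("no rotation, pre-auth id still valid:", preauth_id_valid_after_login(False))
    print("rotation,    pre-auth id still valid:", preauth_id_valid_after_login(True))
```

The same check is a useful acceptance test for any web console on an embedded device: log in, then confirm that the cookie value observed before authentication no longer maps to an authenticated session. Pair rotation with `HttpOnly` and `Secure` cookie attributes so the new id is harder to steal in the first place.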
CVE-2020-25194
The built-in WEB server has improper privilege management, which may allow an attacker with user privileges to perform requests with administrative privileges.
CVE-2020-25153
The built-in web service does not require users to have strong passwords.
CVE-2020-25190
The built-in web server stores and transmits the credentials of third-party services in cleartext.
CVE-2020-25196
The built-in web server allows SSH/Telnet sessions, which may be vulnerable to brute-force attacks that bypass authentication.
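Where a management service cannot be disabled or firewalled off, repeated authentication failures from one source are the signal to alert on. The Python below is an added example for this advisory, not MOXA code: the syslog-style log lines are constructed, and the advisory does not state what format the NPort itself logs in, so the `LINE_RE` pattern is an assumption to adapt to the real collector. `find_bruteforce_sources` counts failures per source address inside a sliding time window and flags any source that crosses the threshold.

```python
import re
from collections import defaultdict, deque
from datetime import datetime
from typing import Deque, Dict

# Constructed sample lines in a syslog-like layout (assumed format, not the device's own).
SAMPLE_LOG = """\
Oct 14 10:00:01 nport sshd: Failed password for admin from 192.0.2.10
Oct 14 10:00:03 nport sshd: Failed password for admin from 192.0.2.10
Oct 14 10:00:05 nport sshd: Failed password for root from 192.0.2.10
Oct 14 10:00:07 nport telnetd: Failed login for admin from 198.51.100.7
Oct 14 10:00:09 nport sshd: Failed password for admin from 192.0.2.10
Oct 14 10:00:12 nport sshd: Failed password for admin from 192.0.2.10
Oct 14 10:00:15 nport sshd: Accepted password for admin from 203.0.113.4
Oct 14 10:05:00 nport telnetd: Failed login for admin from 198.51.100.7
"""

# Matches only failed SSH/Telnet logins; successful logins are ignored.
LINE_RE = re.compile(
    r"^(?P<ts>\w{3} +\d+ \d\d:\d\d:\d\d) \S+ (?P<svc>sshd|telnetd): "
    r"Failed (?:password|login) for (?P<user>\S+) from (?P<src>[\d.]+)"
)


def find_bruteforce_sources(log_text: str, threshold: int = 5,
                            window_seconds: int = 60, year: int = 2020) -> Dict[str, dict]:
    """Return {source_ip: details} for sources with >= threshold failures in any window."""
    failures: Dict[str, Deque[datetime]] = defaultdict(deque)
    flagged: Dict[str, dict] = {}
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        # Syslog timestamps carry no year; the caller supplies it.
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        src = m["src"]
        window = failures[src]
        window.append(ts)
        # Drop failures that fell out of the sliding window.
        while window and (ts - window[0]).total_seconds() > window_seconds:
            window.popleft()
        if len(window) >= threshold and src not in flagged:
            flagged[src] = {"service": m["svc"], "count": len(window), "last_seen": ts}
    return flagged


if __name__ == "__main__":
    for src, info in find_bruteforce_sources(SAMPLE_LOG).items():
        print(f"{src}: {info['count']} failed {info['service']} logins by {info['last_seen']}")
```

In the constructed sample, 192.0.2.10 produces five failures within fifteen seconds and is flagged; 198.51.100.7 fails twice, five minutes apart, and is not. Tune `threshold` and `window_seconds` to the device's normal administrative traffic, and treat an alert as the trigger to lock the account or rate-limit the source, which is the mitigation the advisory's brute-force finding calls for.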
CVE-2020-25192
The built-in web service allows sensitive information to be displayed without proper authorization.
Impact
- Exposure of Sensitive Information
- Improper Privilege Management
Affected Vendors
MOXA
Affected Products
NPort: Firmware Version 2.1 or lower
Remediation
Refer to the vendor advisory for the complete list of affected products and their respective patches.