Multiple vulnerabilities have been identified on Moxa's industrial Ethernet switches, which allow hackers to take control of switches or denial-of-service attacks, according to Positive Technologies researchers. Switches are used in energy and transport infrastructure, so attacks on them can have serious consequences.
The Moxa EDS-405A, EDS-408A, EDS-510A and IKS-G6824A Ethernet switches have been found vulnerable. Based on the number and extent of vulnerabilities, little practical security measures were found in the design of managed switches, as passwords are stored in plain text, according to the survey.
For vulnerable EDS switches, the ID for the web interface is predictable, allowing easy retrieval of passwords. Similarly, the use of specific protocols allows for password recovery and denial-of-service attacks. EDS routers, furthermore, do not have "adequate measures," according to Moxa, to prevent multiple failed authentication efforts, making brute-force attacks possible.
In the IKS-G6824A series, according to the researchers, the most dangerous vulnerability "involves a cache overflow in the web interface. Violation may result in denial of service attack and possibly remote code execution. In the hands of hackers, the other vulnerabilities could cause permanent denial of service in the switch, reading the device's memory, doing various actions on the web interface as if it were the legitimate user, and much more. "
Moxa has issued firmware patches for affected switches, although they are not immediately available for downloading - needing technical support to download.