Strix
26.1K

CVE-2023-4929

HIGHCVSS 8.8/10EPSS 0.26%

Last modified

CVE-2023-4929 is a high-severity vulnerability rated 8.8/10 on the CVSS scale. All firmware versions of the NPort 5000 Series are affected by an improper validation of integrity check vulnerability. This vulnerability results from insufficient checks on firmware updates or upgrades, potentially allowing malicious users to manipulate the firmware and gain control of devices. . EPSS estimates a 0.26% chance of exploitation in the next 30 days.

Description

All firmware versions of the NPort 5000 Series are affected by an improper validation of integrity check vulnerability. This vulnerability results from insufficient checks on firmware updates or upgrades, potentially allowing malicious users to manipulate the firmware and gain control of devices.

Metrics

CVSS 3.1
8.8/10

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS Probability
0.26%

17.5th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
MoxaNport 5150ai-M12-Ct-T Firmware<= 1.5
MoxaNport 5250ai-M12-Ct-T Firmware<= 1.5
MoxaNport 5150ai-M12-T Firmware<= 1.5
MoxaNport 5250ai-M12-T Firmware<= 1.5
MoxaNport 5450ai-M12-Ct-T Firmware<= 1.5
MoxaNport 5150ai-M12 Firmware<= 1.5
MoxaNport 5250ai-M12 Firmware<= 1.5
MoxaNport 5150ai-M12-Ct Firmware<= 1.5
MoxaNport 5250ai-M12-Ct Firmware<= 1.5
MoxaNport 5450ai-M12-T Firmware<= 1.5
MoxaNport 5450ai-M12 Firmware<= 1.5
MoxaNport 5450ai-M12-Ct Firmware<= 1.5
MoxaNport 5130 Firmware<= 3.10
MoxaNport 5150 Firmware<= 3.10
MoxaNport 5110 Firmware<= 2.10
MoxaNport 5110-T Firmware<= 2.10
MoxaNport 5110a Firmware<= 1.6
MoxaNport 5110a-T Firmware<= 1.6
MoxaNport 5130a Firmware<= 1.6
MoxaNport 5130a-T Firmware<= 1.6
MoxaNport 5150a Firmware<= 1.6
MoxaNport 5150a-T Firmware<= 1.6
MoxaNport 5210a Firmware<= 1.6
MoxaNport 5210a-T Firmware<= 1.6
MoxaNport 5230a Firmware<= 1.6
MoxaNport 5230a-T Firmware<= 1.6
MoxaNport 5250a Firmware<= 1.6
MoxaNport 5250a-T Firmware<= 1.6
MoxaNport 5210 Firmware<= 2.12
MoxaNport 5232 Firmware<= 2.12
MoxaNport 5210-T Firmware<= 2.12
MoxaNport 5232-T Firmware<= 2.12
MoxaNport 5230-T Firmware<= 2.12
MoxaNport 5232i-T Firmware<= 2.12
MoxaNport 5230 Firmware<= 2.12
MoxaNport 5232i Firmware<= 2.12
MoxaNport 5410 Firmware>= 2.0, <= 2.9
MoxaNport 5410 Firmware>= 3.2, <= 3.14
MoxaNport 5430 Firmware>= 2.0, <= 2.9
MoxaNport 5430 Firmware>= 3.2, <= 3.14
MoxaNport 5450 Firmware<= 3.14
MoxaNport 5450i Firmware<= 3.14
MoxaNport 5450-T Firmware<= 3.14
MoxaNport 5450i-T Firmware<= 3.14
MoxaNport 5610-8-48v Firmware<= 3.11
MoxaNport 5630-16 Firmware<= 3.11
MoxaNport 5630-8 Firmware<= 3.11
MoxaNport 5650-8 Firmware<= 3.11
MoxaNport 5610-16 Firmware<= 3.11
MoxaNport 5650-8-M-Sc Firmware<= 3.11

Showing 50 of 128 affected configurations. See NVD for the full list.

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2023-4929?
All firmware versions of the NPort 5000 Series are affected by an improper validation of integrity check vulnerability. This vulnerability results from insufficient checks on firmware updates or upgrades, potentially allowing malicious users to manipulate the firmware and gain control of devices.
How severe is CVE-2023-4929?
CVE-2023-4929 has a CVSS score of 8.8/10 (HIGH severity). The EPSS model estimates a 0.26% probability of exploitation in the next 30 days.
How do I fix CVE-2023-4929?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2023-4929?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST