Moxa Fixes Buffer Overflow Hole

Wednesday, June 3, 2015 @ 11:06 AM gHale

Moxa created a new version that mitigates a buffer overflow vulnerability in its SoftCMS software package, according to a report on ICS-CERT.

ICS-CERT received a report on the remotely exploitable vulnerability from HP’s Zero Day Initiative (ZDI) via security researcher Ariele Caltabiano.

Beckwith Fixes TCP Initial Sequence Hole
IDS Creates New Module to Fix Hole
Rockwell Fixes RSView32 Vulnerability
Schneider Fixes OFS Server Hole

SoftCMS, Version 1.2 and prior versions suffer from the issue.

Successful exploitation of this vulnerability could cause a buffer overflow condition that may allow remote code execution.

Moxa is a Taiwan-based company that maintains offices in several countries around the world, including the U.S., UK, India, Germany, France, China, Russia, and Brazil.

The affected product, SoftCMS, is a central management software that manages large scale surveillance systems.

SoftCMS works across several sectors including commercial facilities, critical manufacturing, energy, and transportation systems. Moxa estimates these products see use primarily in the United States and Europe with a small percentage in Asia.

The affected product contains a vulnerable function susceptible to a buffer overflow condition that could allow remote code execution.

CVE-2015-1000 is the case number assigned to this vulnerability, which has a CVSS v2 base score of 7.5.

No known public exploits specifically target this vulnerability. However, an attacker with a low skill set would be able to exploit this vulnerability.

Moxa has released SoftCMS, Version 1.3, which no longer uses the affected file that contains the identified vulnerability. Moxa recommends upgrading to Version 1.3, which a user can download here.