Moxa Patches ioLogik Controllers

Friday, March 4, 2016 @ 05:03 PM gHale

Moxa created a network security enhancement to mitigate weak authentication vulnerabilities in its ioLogik E2200 Ethernet Micro RTU controllers, according to a report on ICS-CERT.

Exploits that target these remotely exploitable vulnerabilities, discovered by independent researcher Aditya Sood, are publicly available.

Rockwell Fixes CompactLogix Hole
Building Operation App Hole Fixed
AMX Addressing Multiple Vulnerabilities
B+B SmartWorx Fixes Bypass Vulnerability

The vulnerabilities affect the following versions of ioLogik:
• ioLogik E2200 series, versions prior to 3.12, and
• ioAdmin Configuration Utility, versions prior to 3.18

An attacker could exploit these vulnerabilities to gain access to the device to change settings and data on the target device.

Moxa is a Taiwan-based company that maintains offices in several countries around the world, including the U.S., UK, India, Germany, France, China, Russia, and Brazil.

The affected product, ioLogik E2200 series, is a micro RTU controller for use in monitoring and control. ioLogik sees action across several sectors, including commercial facilities and energy. Moxa estimates these products sees use primarily in the United States, Europe, and Asia.

The device transmits or stores authentication credentials not sufficiently encrypted.

CVE-2016-2282 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 6.5.

Also, the device stores or transmits sensitive data using an encryption scheme that is not strong enough for the level of protection required.

CVE-2016-2283 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 5.3.

Exploits that target these vulnerabilities are publicly available. An attacker with a low skill would be able to exploit these vulnerabilities.

MOXA created new firmware versions with improved password encryption between the ioAdmin utility and the ioLogik E2200 device to mitigate these vulnerabilities.

Moxa recommends installing these two network security enhancements:

ioLogik E2200 series

ioAdmin Configuration Utility

Moxa also recommends customers use a secured router or a VPN tunnel to protect internet communication.

Leave a Reply

You must be logged in to post a comment.