ID

VAR-201302-0035


CVE

CVE-2012-4712


TITLE

Vulnerability in Moxa EDR-G903 series routers that allows unspecified device access

Trust: 0.8

sources: JVNDB: JVNDB-2012-005934

DESCRIPTION

Moxa EDR-G903 series routers with firmware before 2.11 have a hardcoded account, which allows remote attackers to obtain unspecified device access via unknown vectors. The MOXA EDR-G903 is a series of all-in-one firewall/VPN secure router devices with Gigabit performance. The MOXA EDR-G903 series router has a built-in user account and password. MOXA EDR-G903 is prone to an unauthorized access vulnerability and a weakness in the entropy of the generated key. Successful exploits will allow attackers to gain access to the device and sensitive information. Successful exploits may result in the attacker executing arbitrary commands or gaining unauthorized access on the affected system. Moxa EDR-G903 is a security router product from Moxa that integrates firewall/VPN.

TITLE: Moxa EDR-G903 Series Weak Entropy Key Generation Weakness
SECUNIA ADVISORY ID: SA52141
VERIFY ADVISORY: http://secunia.com/advisories/52141/
RELEASE DATE: 2013-02-12

DESCRIPTION: A weakness has been reported in Moxa EDR-G903 Series, which can be exploited by malicious people to conduct brute force attacks. The weakness is caused due to weak entropy used when generating HTTPS and SSH keys, which can be exploited to brute force the private key based on the host key and disclose sensitive information via Man-in-the-Middle (MitM) attacks. The weakness is reported in firmware versions prior to 2.11.

SOLUTION: Update to version 2.11.

PROVIDED AND/OR DISCOVERED BY: ICS-CERT credits Neil Smith

ORIGINAL ADVISORY:
MOXA: http://www.moxa.com/support/download.aspx?type=support&id=492
ICS-CERT: http://ics-cert.us-cert.gov/pdf/ICSA-13-042-01.pdf

Trust: 2.7

sources: NVD: CVE-2012-4712 // JVNDB: JVNDB-2012-005934 // CNVD: CNVD-2013-01093 // BID: 57897 // VULHUB: VHN-57993 // VULMON: CVE-2012-4712 // PACKETSTORM: 120261

IOT TAXONOMY

category: ['ICS', 'Network device'] | sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2013-01093

AFFECTED PRODUCTS

vendor: moxa | model: edr-g903 | scope: lt | version: 2.11

Trust: 1.0

vendor: moxa | model: edr-g903 series | scope: lt | version: 2.11

Trust: 0.8

vendor: moxa | model: edr-g903 | scope: - | version: -

Trust: 0.6

vendor: moxa | model: edr g903 | scope: eq | version: 2.1

Trust: 0.6

vendor: moxa | model: edr g903 | scope: eq | version: 1.0

Trust: 0.6

vendor: moxa | model: edr g903 | scope: eq | version: 2.2

Trust: 0.6

vendor: moxa | model: edr g903 | scope: eq | version: 2.0

Trust: 0.6

vendor: moxa | model: edr-g903 | scope: eq | version: 2.1

Trust: 0.3

vendor: moxa | model: edr-g903 | scope: ne | version: 2.11

Trust: 0.3

sources: CNVD: CNVD-2013-01093 // BID: 57897 // JVNDB: JVNDB-2012-005934 // CNNVD: CNNVD-201302-266 // NVD: CVE-2012-4712

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2012-4712
value: MEDIUM

Trust: 1.0

NVD: CVE-2012-4712
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201302-266
value: MEDIUM

Trust: 0.6

VULHUB: VHN-57993
value: MEDIUM

Trust: 0.1

VULMON: CVE-2012-4712
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2012-4712
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-57993
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-57993 // VULMON: CVE-2012-4712 // JVNDB: JVNDB-2012-005934 // CNNVD: CNNVD-201302-266 // NVD: CVE-2012-4712

PROBLEMTYPE DATA

problemtype:CWE-798

Trust: 1.0

problemtype:CWE-200

Trust: 0.9

sources: VULHUB: VHN-57993 // JVNDB: JVNDB-2012-005934 // NVD: CVE-2012-4712

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201302-266

TYPE

trust management problem

Trust: 0.6

sources: CNNVD: CNNVD-201302-266

CONFIGURATIONS

sources: JVNDB: JVNDB-2012-005934

PATCH

title: Top Page | url: http://www.moxa.com/

Trust: 0.8

title: Distributor List | url: http://japan.moxa.com/buy/Default.htm#japan

Trust: 0.8

title: Top Page | url: http://japan.moxa.com/index.htm

Trust: 0.8

title: Firmware for MOXA EDR-G903 series | url: http://www.moxa.com/support/download.aspx?type=support&id=492

Trust: 0.8

title: MOXA EDR-G903 Unauthorized Access Vulnerability Patch | url: https://www.cnvd.org.cn/patchInfo/show/31933

Trust: 0.6

title: Moxa Repair measures for information disclosure vulnerabilities | url: http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=188971

Trust: 0.6

sources: CNVD: CNVD-2013-01093 // JVNDB: JVNDB-2012-005934 // CNNVD: CNNVD-201302-266

EXTERNAL IDS

db: ICS CERT | id: ICSA-13-042-01

Trust: 3.6

db: NVD | id: CVE-2012-4712

Trust: 3.5

db: JVNDB | id: JVNDB-2012-005934

Trust: 0.8

db: CNNVD | id: CNNVD-201302-266

Trust: 0.7

db: CNVD | id: CNVD-2013-01093

Trust: 0.6

db: BID | id: 57897

Trust: 0.4

db: SECUNIA | id: 52141

Trust: 0.2

db: VULHUB | id: VHN-57993

Trust: 0.1

db: VULMON | id: CVE-2012-4712

Trust: 0.1

db: PACKETSTORM | id: 120261

Trust: 0.1

sources: CNVD: CNVD-2013-01093 // VULHUB: VHN-57993 // VULMON: CVE-2012-4712 // BID: 57897 // JVNDB: JVNDB-2012-005934 // PACKETSTORM: 120261 // CNNVD: CNNVD-201302-266 // NVD: CVE-2012-4712

REFERENCES

url:http://ics-cert.us-cert.gov/pdf/icsa-13-042-01.pdf

Trust: 3.6

url:http://www.moxa.com/support/download.aspx?type=support&id=492

Trust: 1.8

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-4712

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-4712

Trust: 0.8

url:http://www.moxa.com/product/edr-g903.htm

Trust: 0.3

url:http://www.moxa.com/support/download.aspx?type=support&id=492

Trust: 0.1

url:https://cwe.mitre.org/data/definitions/200.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://www.securityfocus.com/bid/57897

Trust: 0.1

url:https://ics-cert.us-cert.gov/advisories/icsa-13-042-01

Trust: 0.1

url:http://secunia.com/advisories/52141/

Trust: 0.1

url:https://ca.secunia.com/?page=viewadvisory&vuln_id=52141

Trust: 0.1

url:http://secunia.com/vulnerability_intelligence/

Trust: 0.1

url:http://secunia.com/advisories/52141/#comments

Trust: 0.1

url:http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

Trust: 0.1

url:http://secunia.com/advisories/secunia_security_advisories/

Trust: 0.1

url:http://secunia.com/vulnerability_scanning/personal/

Trust: 0.1

url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Trust: 0.1

url:http://secunia.com/blog/325/

Trust: 0.1

url:http://secunia.com/advisories/about_secunia_advisories/

Trust: 0.1

sources: CNVD: CNVD-2013-01093 // VULHUB: VHN-57993 // VULMON: CVE-2012-4712 // BID: 57897 // JVNDB: JVNDB-2012-005934 // PACKETSTORM: 120261 // CNNVD: CNNVD-201302-266 // NVD: CVE-2012-4712

CREDITS

Neil Smith

Trust: 0.3

sources: BID: 57897

SOURCES

db: CNVD | id: CNVD-2013-01093
db: VULHUB | id: VHN-57993
db: VULMON | id: CVE-2012-4712
db: BID | id: 57897
db: JVNDB | id: JVNDB-2012-005934
db: PACKETSTORM | id: 120261
db: CNNVD | id: CNNVD-201302-266
db: NVD | id: CVE-2012-4712

LAST UPDATE DATE

2024-08-14T15:03:42.657000+00:00


SOURCES UPDATE DATE

db: CNVD | id: CNVD-2013-01093 | date: 2013-02-20T00:00:00
db: VULHUB | id: VHN-57993 | date: 2013-02-15T00:00:00
db: VULMON | id: CVE-2012-4712 | date: 2013-02-15T00:00:00
db: BID | id: 57897 | date: 2013-02-11T00:00:00
db: JVNDB | id: JVNDB-2012-005934 | date: 2013-02-18T00:00:00
db: CNNVD | id: CNNVD-201302-266 | date: 2022-04-13T00:00:00
db: NVD | id: CVE-2012-4712 | date: 2022-04-12T16:51:10.627

SOURCES RELEASE DATE

db: CNVD | id: CNVD-2013-01093 | date: 2013-02-20T00:00:00
db: VULHUB | id: VHN-57993 | date: 2013-02-15T00:00:00
db: VULMON | id: CVE-2012-4712 | date: 2013-02-15T00:00:00
db: BID | id: 57897 | date: 2013-02-11T00:00:00
db: JVNDB | id: JVNDB-2012-005934 | date: 2013-02-18T00:00:00
db: PACKETSTORM | id: 120261 | date: 2013-02-13T11:12:30
db: CNNVD | id: CNNVD-201302-266 | date: 2013-02-20T00:00:00
db: NVD | id: CVE-2012-4712 | date: 2013-02-15T12:09:27.850