Vulnerability Key Information 1. Vulnerability Overview Vendor: Moxa Affected Devices: NPort 5210, 5230, 5232 Vulnerability Type: Resource Exhaustion CVE ID: CVE-2018-10632 CVSS Score: v3 7.5 Risk Level: Medium Last Revised Date: July 19, 2018 Alert Code: ICSA-18-200-04 2. Risk Assessment Successful exploitation of this vulnerability allows a remote attacker to send TCP SYN packets, causing resource exhaustion and rendering the device unavailable. 3. Technical Details Affected Product Versions: NPort 5210, 5230, 5232, versions 2.9 build 17030709 and earlier. Vulnerability Summary: Uncontrolled resource consumption (CWE-400). Background Information: - Critical Infrastructure Sectors: Critical manufacturing, energy, transportation systems. - Deployment Regions: Global. - Company Headquarters Location: Taiwan. Researcher: Mikael Vingaard reported this vulnerability to NCCIC. 4. Mitigation Measures Moxa recommends users upgrade to the latest firmware version, available for download at here. NCCIC recommends defensive measures, including minimizing network exposure of control systems and using secure remote access methods (e.g., VPN). For additional defensive guidance and information, refer to NCCIC’s Control Systems Security Recommended Practices and ICS-CERT website’s “ICS-TIP-12-146-01B-Targeted Cyber Intrusion Detection and Mitigation Strategies”.