MoxaÒÔÌ«Íø½»Á÷»ú¶à¸öÎó²îΣº¦Í¨¸æ

Ðû²¼Ê±¼ä 2020-03-05

Îó²î±àºÅºÍ¼¶±ð


CVE±àºÅ£ºCVE-2020-6989£¬Î£ÏÕ¼¶±ð£ºÑÏÖØ£¬CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º10£¬¹Ù·½Î´ÆÀ¶¨

CVE±àºÅ£ºCVE-2020-6987£¬Î£ÏÕ¼¶±ð£ºÖÐΣ£¬CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º6.5£¬¹Ù·½Î´ÆÀ¶¨

CVE±àºÅ£ºCVE-2020-6983£¬Î£ÏÕ¼¶±ð£ºÑÏÖØ£¬CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º9.8£¬¹Ù·½Î´ÆÀ¶¨

CVE±àºÅ£ºCVE-2020-6985£¬Î£ÏÕ¼¶±ð£ºÑÏÖØ£¬CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º9.8£¬¹Ù·½Î´ÆÀ¶¨

CVE±àºÅ£ºCVE-2020-6995£¬Î£ÏÕ¼¶±ð£ºÑÏÖØ£¬CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º9.8£¬¹Ù·½Î´ÆÀ¶¨

CVE±àºÅ£ºCVE-2020-6993£¬Î£ÏÕ¼¶±ð£ºÖÐΣ£¬CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º5.3£¬¹Ù·½Î´ÆÀ¶¨


Ó°Ïì°æ±¾


PT-7528ϵÁй̼þ£¬°æ±¾4.0»ò¸üµÍ

PT-7828ϵÁй̼þ£¬°æ±¾3.9»ò¸üµÍ



Îó²î¸ÅÊö


Moxa PT-7528ϵÁкÍPT-7828ϵÁÐÒÔÌ«Íø½»Á÷»úÖб£´æ¶à¸öÎó²î£¬¸ÅÊöÈçÏ£º


CVE-2020-6989

»º³åÇø¹ýʧÎó²î ¡£Ô¶³Ì¹¥»÷Õß¿ÉʹÓøÃÎó²îÖ´ÐÐí§Òâ´úÂë»òÔì³É¾Ü¾ø·þÎñ ¡£


CVE-2020-6987

¸ÃÎó²îÔ´ÓÚ³ÌÐòʹÓýÏÈõµÄ¼ÓÃÜËã·¨ ¡£¹¥»÷Õß¿ÉʹÓøÃÎó²î»ñÈ¡Ãô¸ÐÐÅÏ¢ ¡£


CVE-2020-6983

¸ÃÎó²îÔ´ÓÚ³ÌÐòʹÓÃÁËÓ²±àÂëµÄ¼ÓÃÜÃÜÔ¿ ¡£¹¥»÷Õß¿ÉʹÓøÃÎó²î»Ö¸´Ãô¸ÐµÄÊý¾Ý ¡£


CVE-2020-6985

ÐÅÍÐÖÎÀíÎÊÌâÎó²î ¡£¹¥»÷Õß¿ÉʹÓøÃÎó²î»á¼û¿ØÖÆ̨ ¡£


CVE-2020-6995

¸ÃÎó²îÔ´ÓÚ³ÌÐòûÓÐÒªÇóÓû§Ê¹ÓýÏÇ¿µÄÃÜÂë ¡£¹¥»÷Õß¿ÉʹÓøÃÎó²î»ñȡδÊÚȨµÄ»á¼ûȨÏÞ ¡£


CVE-2020-6993

ÐÅϢй¶Îó²î ¡£¸ÃÎó²îÔ´ÓÚÍøÂçϵͳ»ò²úÆ·ÔÚÔËÐÐÀú³ÌÖб£´æÉèÖõȹýʧ ¡£Î´ÊÚȨµÄ¹¥»÷Õß¿ÉʹÓÃÎó²î»ñÈ¡ÊÜÓ°Ïì×é¼þÃô¸ÐÐÅÏ¢ ¡£


Îó²îÑéÖ¤


ÔÝÎÞPoC/EXP ¡£


ÐÞ¸´½¨Òé


ÏÖÔÚ³§ÉÌÒÑÐû²¼Éý¼¶²¹¶¡ÒÔÐÞ¸´Îó²î£¬²¹¶¡»ñÈ¡Á´½Ó:https://www.moxa.com/en/support/support/security-advisory/pt-7528-7828-ethernet-switches-vulnerabilities ¡£


²Î¿¼Á´½Ó


https://www.us-cert.gov/ics/advisories/icsa-20-056-03