# Vulnerability: User Privilege Escalation in Moxa ThingsPro IIoT Gateway and Device Management Software
## CVE Details
- CVE ID: CVE-2018-18391
- CVSS Score: 9.0 (High), as stated in the source advisory, with vector `CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H`. As a check: this vector evaluates to 8.8 under the CVSS v3.0 base-score formula, and a 9.0 falls in the Critical band of the v3.0 qualitative scale; the advisory's own values are kept here as given.
- CWE: Not explicitly stated; the description points to Improper Access Control / Improper Privilege Management.
## Affected Systems
- Products: Moxa ThingsPro IIoT Gateway and Device Management Software
- Versions: v.2.1
- Configurations: Any system running the vulnerable version.
## Vulnerability Description
The vulnerability is a user privilege escalation flaw in the Moxa ThingsPro IIoT Gateway and Device Management Software. An authenticated, lower-privileged user (PR:L in the vector) can gain higher privileges on the system, potentially leading to complete control of the gateway.
## Exploitation
- Status: No public exploit was known as of the advisory date.
- Complexity: Low (AC:L in the CVSS vector)
- Attack Vector: Network (AV:N); the attacker needs an existing low-privileged account (PR:L) and no user interaction (UI:N).
## Impact
- Confidentiality: High (Potential for full data disclosure)
- Integrity: High (Potential for unauthorized modification/deletion)
- Availability: High (Potential for system disruption)
## Remediation
### Patches
- Vendor released a new firmware version for the **ThingsPro Gateway Edition 2.3** to address the vulnerability. Users should contact their Moxa sales representative to obtain this firmware.
### Workarounds
- No explicit workarounds were given in the advisory beyond applying the vendor firmware. As a general practice until the patch is applied, restrict network access to the gateway's management interface to trusted hosts and keep the set of low-privileged accounts to a minimum.
## Detection
- No detection guidance was provided in the advisory. In the absence of vendor indicators, monitor affected hosts for signs of privilege escalation: unexpected changes to user roles or privileges, administrative actions originating from accounts that should only hold low privileges, and anomalous network activity toward the gateway's management interface.
## References
- Vendor Advisory: Moxa (implied by the firmware release; no separate advisory URL was given in the source).
- Kaspersky ICS-CERT Advisory (KLCERT-18-019): ics-cert.kaspersky.com/advisories/2018/10/18/klcert-18-019-moxa-thingspro-iiot-gateway-and-device-management-software-solutions-user-privilege-escalation/