MoxaÒÔÌ«Íø»¥»»»ú¶à¸ö·ì϶·çÏÕ¹«¸æ

°ä²¼¹¦·ò 2020-03-05

·ì϶±àºÅºÍ¼¶±ð


CVE±àºÅ£ºCVE-2020-6989£¬Î£ÏÕ¼¶±ð£ºÑϳÁ£¬CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º10£¬¹Ù·½Î´ÆÀ¶¨

CVE±àºÅ£ºCVE-2020-6987£¬Î£ÏÕ¼¶±ð£ºÖÐΣ£¬CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º6.5£¬¹Ù·½Î´ÆÀ¶¨

CVE±àºÅ£ºCVE-2020-6983£¬Î£ÏÕ¼¶±ð£ºÑϳÁ£¬CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º9.8£¬¹Ù·½Î´ÆÀ¶¨

CVE±àºÅ£ºCVE-2020-6985£¬Î£ÏÕ¼¶±ð£ºÑϳÁ£¬CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º9.8£¬¹Ù·½Î´ÆÀ¶¨

CVE±àºÅ£ºCVE-2020-6995£¬Î£ÏÕ¼¶±ð£ºÑϳÁ£¬CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º9.8£¬¹Ù·½Î´ÆÀ¶¨

CVE±àºÅ£ºCVE-2020-6993£¬Î£ÏÕ¼¶±ð£ºÖÐΣ£¬CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º5.3£¬¹Ù·½Î´ÆÀ¶¨


Ó°Ïì°æ±¾


PT-7528ϵÁй̼þ£¬°æ±¾4.0»ò¸üµÍ

PT-7828ϵÁй̼þ£¬°æ±¾3.9»ò¸üµÍ



·ì϶¸ÅÊö


Moxa PT-7528ϵÁкÍPT-7828ϵÁÐÒÔÌ«Íø»¥»»»úÖдæÔÚ¶à¸ö·ì϶£¬¸ÅÊöÈçÏ£º


CVE-2020-6989

»º³åÇøÃýÎó·ì϶¡£Ô¶³Ì¹¥»÷Õß¿ÉÀûÓø÷ì϶ִÐÐËÁÒâ´úÂë»òÔì³É»Ø¾ø·þÎñ¡£


CVE-2020-6987

¸Ã·ì϶ԴÓÚ·¨Ê½Ê¹ÓýÏÈõµÄ¼ÓÃÜËã·¨¡£¹¥»÷Õß¿ÉÀûÓø÷ì϶»ñÈ¡Ãô¸ÐÐÅÏ¢¡£


CVE-2020-6983

¸Ã·ì϶ԴÓÚ·¨Ê½Ê¹ÓÃÁËÓ²±àÂëµÄ¼ÓÃÜÃÜÔ¿¡£¹¥»÷Õß¿ÉÀûÓø÷ì϶¸´Ô­Ãô¸ÐµÄÊý¾Ý¡£


CVE-2020-6985

ÐÅÀµÖÎÀíÎÊÌâ·ì϶¡£¹¥»÷Õß¿ÉÀûÓø÷ì϶½Ó¼û½ÚÔį̀¡£


CVE-2020-6995

¸Ã·ì϶ԴÓÚ·¨Ê½Ã»ÓÐÒªÇóÓû§Ê¹ÓýÏÇ¿µÄÃÜÂë¡£¹¥»÷Õß¿ÉÀûÓø÷ì϶»ñȡδÊÚȨµÄ½Ó¼ûȨÏÞ¡£


CVE-2020-6993

ÐÅϢй¶·ì϶¡£¸Ã·ì϶ԴÓÚÍøÂçϵͳ»ò²úÆ·ÔÚÔËÐйý³ÌÖдæÔÚÅäÖõÈÃýÎó¡£Î´ÊÚȨµÄ¹¥»÷Õß¿ÉÀûÓ÷ì϶»ñÈ¡ÊÜÓ°Ïì×é¼þÃô¸ÐÐÅÏ¢¡£


·ì϶ÑéÖ¤


ÔÝÎÞPoC/EXP¡£


½¨¸´½¨Òé


Ä¿Ç°³§ÉÌÒÑ°ä²¼Éý¼¶²¹¶¡ÒÔ½¨¸´·ì϶£¬²¹¶¡»ñÈ¡Á´½Ó:https://www.moxa.com/en/support/support/security-advisory/pt-7528-7828-ethernet-switches-vulnerabilities¡£


²Î¿¼Á´½Ó


https://www.us-cert.gov/ics/advisories/icsa-20-056-03