Vulnerability Description
An issue was discovered in Moxa NPort 5110 versions prior to 2.6, NPort 5130/5150 Series versions prior to 3.6, NPort 5200 Series versions prior to 2.8, NPort 5400 Series versions prior to 3.11, NPort 5600 Series versions prior to 3.7, NPort 5100A Series & NPort P5150A versions prior to 1.3, NPort 5200A Series versions prior to 1.3, NPort 5150AI-M12 Series versions prior to 1.2, NPort 5250AI-M12 Series versions prior to 1.2, NPort 5450AI-M12 Series versions prior to 1.2, NPort 5600-8-DT Series versions prior to 2.4, NPort 5600-8-DTL Series versions prior to 2.4, NPort 6x50 Series versions prior to 1.13.11, NPort IA5450A versions prior to v1.4. The amount of resources requested by a malicious actor is not restricted, leading to a denial-of-service caused by resource exhaustion.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Moxa | Nport 5100 Series Firmware | <= 2.5 |
| Moxa | Nport 5110 | - |
| Moxa | Nport 5130 | - |
| Moxa | Nport 5150 | - |
| Moxa | Nport 5200 Series Firmware | <= 2.7 |
| Moxa | Nport 5210 | - |
| Moxa | Nport 5230 | - |
| Moxa | Nport 5232 | - |
| Moxa | Nport 5232I | - |
| Moxa | Nport 5400 Series Firmware | <= 3.10 |
| Moxa | Nport 5410 | - |
| Moxa | Nport 5430 | - |
| Moxa | Nport 5430I | - |
| Moxa | Nport 5450 | - |
| Moxa | Nport 5450-T | - |
| Moxa | Nport 5450I | - |
| Moxa | Nport 5450I-T | - |
| Moxa | Nport 5600 Series Firmware | <= 3.6 |
| Moxa | Nport 5610 | - |
| Moxa | Nport 5630 | - |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/85965Third Party AdvisoryVDB Entry
- https://ics-cert.us-cert.gov/advisories/ICSA-16-336-02Third Party AdvisoryUS Government Resource
- http://www.securityfocus.com/bid/85965Third Party AdvisoryVDB Entry
- https://ics-cert.us-cert.gov/advisories/ICSA-16-336-02Third Party AdvisoryUS Government Resource
FAQ
What is CVE-2016-9367?
CVE-2016-9367 is a vulnerability with a CVSS score of 7.5 (HIGH). An issue was discovered in Moxa NPort 5110 versions prior to 2.6, NPort 5130/5150 Series versions prior to 3.6, NPort 5200 Series versions prior to 2.8, NPort 5400 Series versions prior to 3.11, NPort...
How severe is CVE-2016-9367?
CVE-2016-9367 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2016-9367?
Check the references section above for vendor advisories and patch information. Affected products include: Moxa Nport 5100 Series Firmware, Moxa Nport 5110, Moxa Nport 5130, Moxa Nport 5150, Moxa Nport 5200 Series Firmware.