Evgeniy Druzhinin

**Name of the Vulnerable Software and Affected Versions** AVEVA System Platform version 2020 **Description** The issue concerns the storage of sensitive information in cleartext, potentially allowing access to attackers or low-privileged users. **Recommendations** For AVEVA System Platform version 2020, consider implementing encryption for sensitive information to prevent unauthorized access. As a temporary workaround, restrict access to sensitive data to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Moxa NPort IAW5000A-I/O series firmware versions 2.2 or earlier **Description** The issue is related to five buffer overflows in the built-in web server of the Moxa NPort IAW5000A-I/O series. This may allow a remote attacker to initiate a denial-of-service attack and execute arbitrary code. **Recommendations** For Moxa NPort IAW5000A-I/O series firmware versions 2.2 or earlier, update to a version later than 2.2 to resolve the issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Moxa NPort IAW5000A-I/O series firmware versions 2.2 or earlier **Description** The issue is related to improper input validation in the built-in web server, which may allow a remote attacker to execute commands. **Recommendations** For Moxa NPort IAW5000A-I/O series firmware versions 2.2 or earlier, update to a version later than 2.2 to resolve the issue. As a temporary workaround, consider restricting access to the built-in web server until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Moxa NPort IAW5000A-I/O series firmware versions prior to 2.3 **Description** The issue allows data to be copied without validation in the built-in web server, potentially enabling a remote attacker to cause denial-of-service conditions. **Recommendations** For Moxa NPort IAW5000A-I/O series firmware versions prior to 2.3, update to firmware version 2.3 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Moxa NPort IAW5000A-I/O Series firmware versions prior to 2.3 **Description** The issue is related to two buffer overflows in the built-in web server, which may allow a remote attacker to cause a denial-of-service condition. **Recommendations** For firmware versions 2.2 or earlier, update to version 2.3 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** AVEVA InTouch Runtime versions prior to 2020 R2 **Description** The issue could expose cleartext credentials if an authorized, privileged user creates a diagnostic memory dump of the process and saves it to a non-protected location. **Recommendations** For versions prior to 2020 R2, ensure that diagnostic memory dumps are saved to protected locations to prevent unauthorized access to cleartext credentials. As a temporary workaround, consider restricting access to the diagnostic memory dump feature until a patch is available.

**Name of the Vulnerable Software and Affected Versions** MOXA NPort IAW5000A-I/O firmware versions 2.1 or lower **Description** The issue concerns improper privilege management in the built-in WEB server, potentially allowing an attacker with user privileges to perform requests with administrative privileges. **Recommendations** For MOXA NPort IAW5000A-I/O firmware versions 2.1 or lower, consider restricting access to the built-in WEB server until a fix is available, and limit user privileges to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** MOXA NPort IAW5000A-I/O firmware versions 2.1 or lower **Description** The issue concerns the built-in WEB server, which has incorrectly implemented protections from session fixation. This may allow an attacker to gain access to a session and hijack it by stealing the user's cookies. **Recommendations** For MOXA NPort IAW5000A-I/O firmware versions 2.1 or lower, update to a version higher than 2.1 to resolve the issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** MOXA NPort IAW5000A-I/O firmware versions 2.1 or lower **Description** The issue concerns the storage and transmission of credentials for third-party services in cleartext by the built-in WEB server. This affects the confidentiality of the credentials, as they can be easily intercepted or accessed. **Recommendations** For MOXA NPort IAW5000A-I/O firmware versions 2.1 or lower, update to a version higher than 2.1 to resolve the issue. As a temporary workaround, consider restricting access to the built-in WEB server to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Easergy T300 versions 2.7 and older **Description** A Missing Encryption of Sensitive Data issue exists, allowing an attacker to read network traffic over the HTTP protocol. **Recommendations** For Easergy T300 versions 2.7 and older, consider disabling HTTP protocol usage until a patch is available. Restrict access to sensitive data to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Easergy T300 versions 2.7 and older **Description** The issue is related to the lack of encryption for sensitive data in the firmware of the Easergy T300 RTU. This could allow a remote attacker to gain unauthorized access to network traffic over the HTTP protocol. The vulnerability may enable an attacker to read network traffic, potentially leading to further security issues. **Recommendations** For versions 2.7 and older, update the firmware to a version that includes encryption for sensitive data to prevent unauthorized access to network traffic. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Easergy T300 versions 2.7 and older **Description** The issue is related to errors in the representation of information by the user interface, which can be exploited by a remote attacker to perform arbitrary actions. This is due to improper restriction of rendered UI layers or frames, allowing an attacker to trick a user into initiating an unintended action. **Recommendations** For versions 2.7 and older, update the firmware to a version newer than 2.7 to resolve the issue. As a temporary workaround, consider restricting access to the user interface to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** MOXA NPort IAW5000A-I/O firmware versions 2.1 and lower **Description** The issue is related to the implementation of SSH/Telnet protocols in the MOXA NPort IAW5000A-I/O Series web server software, which lacks sufficient restrictions on authentication attempts. This may allow a remote attacker to bypass security restrictions through brute force attacks. **Recommendations** For MOXA NPort IAW5000A-I/O firmware versions 2.1 and lower, consider restricting or disabling SSH/Telnet sessions as a temporary workaround to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 through 1.34 **Description** The WebUI of the affected devices allows for plaintext transmission of user credentials by default, which can be done over HTTP. **Recommendations** For versions 1.0 through 1.34, consider configuring the WebUI to use encrypted transmission, such as HTTPS, to protect user credentials. As a temporary workaround, restrict access to the WebUI to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 through 1.34 **Description** The WebUI of the affected device is susceptible to a denial-of-service attack. This can be achieved by establishing more than 120 connections. **Recommendations** For versions 1.0 through 1.34, consider restricting the number of connections to the WebUI to prevent denial-of-service attacks. As a temporary workaround, limit the number of concurrent connections to mitigate the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 through 1.34 **Description** The WebUI of the affected devices leaks private information in firmware images. **Recommendations** For versions 1.0 through 1.34, consider restricting access to the WebUI to minimize the risk of information leakage until a fix is available.

**Name of the Vulnerable Software and Affected Versions** PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions prior to 1.35 **Description** The WebUI of the affected device is susceptible to brute-force attacks due to improper restriction of excessive authentication attempts. This allows attackers to attempt numerous login combinations without significant impediment. **Recommendations** For versions prior to 1.35, update to version 1.35 or later to resolve the issue. As a temporary workaround, consider restricting access to the WebUI or implementing additional authentication measures to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: Belden Hirschmann RS, RSR, RSB, MACH100, MACH1000, MACH4000, MS, and OCTOPUS Classic Platform Switches (affected versions not specified) Description: A Cleartext Transmission of Sensitive Information issue was discovered in the web interface of the affected switches, which may allow an attacker to obtain sensitive information through a successful man-in-the-middle attack. The vulnerability can be exploited by a remote attacker to intercept sensitive information. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Belden Hirschmann RS, RSR, RSB, MACH100, MACH1000, MACH4000, MS, and OCTOPUS Classic Platform Switches (affected versions not specified) Description: A Session Fixation issue was discovered in the web interface of the affected switches, which may allow an attacker to hijack web sessions. The vulnerability is related to incorrect session management, potentially enabling a remote attacker to gain unauthorized access and intercept web sessions. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Belden Hirschmann RS, RSR, RSB, MACH100, MACH1000, MACH4000, MS, and OCTOPUS Classic Platform Switches (affected versions not specified) Description: An issue was discovered in the web interface of the affected switches, related to information exposure through query strings in GET requests. This may allow an attacker to impersonate a legitimate user or disclose protected information using a GET request. The vulnerability is associated with errors in processing GET requests, which can be exploited by a remote attacker. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.