PT-2017-3801 · Moxa · Moxa Ioxpress Configuration Utility, Moxa ioLogik 2500, Moxa ioLogik 2542-HSPA
Published 2017-05-09 · Updated 2022-01-01
CVE-2019-18238
CVSS v2.0 score: 10 (High)
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions
Moxa ioLogik 2542-HSPA versions 3.0 or lower
Moxa ioLogik 2500 series firmware versions 3.0 or lower
Moxa Ioxpress Configuration Utility versions 2.3.0 or lower
Description
The issue stems from the default use of cleartext HTTP for "Basic HTTP Authorization" in Moxa ioLogik 2542-HSPA and Moxa Ioxpress Configuration Utility. A remote attacker able to observe the traffic may intercept administrator credentials and other confidential information and gain access to system management. In addition, sensitive information is stored in configuration files without encryption, which may enable an attacker with access to those files to obtain an administrative account.
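The two weaknesses described above can both be checked for from the defender's side: whether Basic credentials are crossing the wire without TLS, and whether a configuration export contains secrets stored in the clear. The script below is an added example written for this advisory, not code from Moxa or from the advisory's authors. The HTTP requests and the key=value configuration text are constructed samples; the real device and utility configuration formats are not shown on this page, and the "ENC(" prefix used to mark an encrypted value is an assumption for the sample, not a Moxa convention.

```python
"""Defensive checks for the two weaknesses in this advisory:
1. HTTP Basic credentials sent over cleartext HTTP instead of TLS.
2. Secrets stored unencrypted in a configuration file.
All samples are constructed for illustration (not captures or exports from
the Moxa products); the config format and the "ENC(" marker are assumptions.
"""
import base64
import binascii
import re
from typing import Dict, List, Tuple

# Constructed sample: (transport, raw request) pairs as a passive monitor
# might reconstruct them from a network capture. The token encodes the
# made-up credential "admin:password123".
_TOKEN = base64.b64encode(b"admin:password123").decode()
SAMPLE_REQUESTS = [
    ("http", "GET /config.htm HTTP/1.1\r\nHost: 192.0.2.10\r\n"
             f"Authorization: Basic {_TOKEN}\r\n\r\n"),
    ("https", "GET /config.htm HTTP/1.1\r\nHost: 192.0.2.10\r\n"
              f"Authorization: Basic {_TOKEN}\r\n\r\n"),
    ("http", "GET /status HTTP/1.1\r\nHost: 192.0.2.10\r\n\r\n"),
]

# RFC 7230 token characters for a header name, then ':' and the value.
HEADER_RE = re.compile(r"^([!#$%&'*+.^_`|~0-9A-Za-z-]+):[ \t]*(.*?)[ \t]*$")


def parse_headers(raw_request: str) -> Dict[str, str]:
    """Split a raw HTTP/1.x request into a lower-cased name -> value map."""
    head = raw_request.split("\r\n\r\n", 1)[0]
    headers: Dict[str, str] = {}
    for line in head.split("\r\n")[1:]:  # skip the request line
        m = HEADER_RE.match(line)
        if m:
            headers[m.group(1).lower()] = m.group(2)
    return headers


def audit_basic_auth(requests: List[Tuple[str, str]]) -> List[Dict[str, str]]:
    """Flag Basic credentials that travel over cleartext HTTP.

    Only the user name is recovered for the report; the secret is never
    decoded into the findings, so the audit output is safe to log.
    """
    findings = []
    for transport, raw in requests:
        headers = parse_headers(raw)
        scheme, _, token = headers.get("authorization", "").partition(" ")
        if scheme.lower() != "basic":
            continue
        if transport.lower() != "http":
            continue  # Basic over TLS is protected in transit
        user = "<undecodable>"
        try:
            decoded = base64.b64decode(token, validate=True).decode("utf-8", "replace")
            user = decoded.split(":", 1)[0]
        except (binascii.Error, ValueError):
            pass
        findings.append({"host": headers.get("host", "?"), "user": user,
                         "issue": "Basic credentials sent over cleartext HTTP"})
    return findings


# Constructed sample configuration in a generic key=value layout.
SAMPLE_CONFIG = """# constructed sample configuration, not a real device export
device_name=io-2542-lab
admin_user=admin
admin_password=password123
snmp_community=public
wifi_psk=ENC(3b9f0c...)
"""

# Key names that normally hold a credential or shared secret.
SENSITIVE_KEY_RE = re.compile(r"pass(word|wd)?|secret|psk|api_?key|token|community", re.I)


def find_cleartext_secrets(config_text: str, encrypted_prefix: str = "ENC(") -> List[Tuple[int, str]]:
    """Return (line number, key) for secret-bearing keys whose value is not
    wrapped in the assumed encrypted-value marker."""
    hits = []
    for lineno, line in enumerate(config_text.splitlines(), 1):
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, value = (p.strip() for p in line.split("=", 1))
        if SENSITIVE_KEY_RE.search(key) and value and not value.startswith(encrypted_prefix):
            hits.append((lineno, key))
    return hits


if __name__ == "__main__":
    for f in audit_basic_auth(SAMPLE_REQUESTS):
        print(f"[transit] {f['host']}: user={f['user']} - {f['issue']}")
    for lineno, key in find_cleartext_secrets(SAMPLE_CONFIG):
        print(f"[storage] line {lineno}: '{key}' stored in cleartext")
```

Run against the constructed samples, the transit check reports only the first request (the same header over https is not flagged), and the storage check reports admin_password and snmp_community while accepting the ENC(...)-wrapped PSK. In practice the request list would come from a capture or proxy log at the network boundary of the device, and the config text from a configuration export taken before it is backed up.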
Recommendations
For Moxa ioLogik 2542-HSPA versions 3.0 or lower, consider disabling the use of the HTTP protocol for authorization until a secure alternative is implemented.
For Moxa ioLogik 2500 series firmware versions 3.0 or lower, update the configuration to store sensitive information with encryption.
For Moxa Ioxpress Configuration Utility versions 2.3.0 or lower, restrict access to configuration files to minimize the risk of exploitation.
As a temporary workaround, consider restricting access to the system management interface until the issue is resolved.
Fix
Cleartext Storage of Sensitive Information
Related Identifiers
Affected Products
Moxa Ioxpress Configuration Utility
Moxa ioLogik 2500
Moxa ioLogik 2542-HSPA