Moxa created an update that mitigates a stack-based buffer overflow vulnerability in its VPort ActiveX SDK Plus application, according to a report on ICS-CERT.
The following Moxa VPort ActiveX SDK products (all versions prior to Version 2.8) suffer from the remotely exploitable vulnerability, discovered by independent researcher Ariele Caltabiano via HP’s Zero Day Initiative (ZDI):
• MxNVR-MO4 Series
• VPort 26A-1MP Series
• VPort 351
• VPort 354
• VPort 36-1MP Series
• VPort 364A Series
• VPort 451
• VPort 461
• VPort 56-2MP Series
• VPort P06-1MP-M12
• VPort P06HC-1MP-M12 Series
• VPort P16-1MP-M12 Series
• VPort P16-1MP-M12-IR Series
Successful exploitation of this vulnerability may allow remote attackers to execute arbitrary code at the same privilege level at which VPort was running.
Moxa is a Taiwan-based company that maintains offices in several countries around the world, including the U.S., UK, India, Germany, France, China, and Brazil.
The affected products, Moxa VPort, are a family of camera, recorder, and encoders. ActiveX Control is an OCX component that uses Microsoft COM (Component Object Model) technology to enable software components to communicate. ActiveX is in VB, VC, and C# developing environments, as well as plug-ins for web applications and automation tools (e.g., SCADA software). According to Moxa, VPort ActiveX SDK products deploy across all 16 sectors. Moxa estimates these products see use primarily in the United States and Europe with a small percentage in Asia.
A function in ActiveX has a Stack-Based Buffer Overflow vulnerability. Successful exploitation of this vulnerability may allow insertion of lines of assembly code such as a call to another tool.
CVE-2015-0986 is the case number assigned to this vulnerability which ZDI assigned a CVSS v2 base score of 7.5.
No known public exploits specifically target this vulnerability. An attacker with a low skill would be able to craft a working exploit for this vulnerability.
Moxa produced an update that mitigates this vulnerability.