Successful exploitation of the improper physical access control vulnerability could allow an attacker who has gained physical access to the device to take full control using the console port.
In order for this vulnerability to be exploited, an attacker has to use a cable to access the device’s bootloader menu. Therefore, the device is vulnerable if it is deployed in an area without proper physical security (e.g., in an open space without access control).
Moxa’s PSIRT would like to remind organizations to perform a proper impact analysis and risk assessment prior to deploying defensive measures, such as the security patch.
The identified vulnerability types and potential impacts are shown below:
|Improper Physical Access Control
|An attacker with physical access to the device can restart the device and gain access to its BIOS. Then, command line options can be altered, allowing the attacker to access the terminal. From the terminal, the attacker can modify the device authentication files to create a new user profile and gain full access to the system.