Moxa¹¤Òµ½»Á÷»ú¶à¸öÎó²îÇ徲ͨ¸æ

Ðû²¼Ê±¼ä 2019-03-13

Îó²î±àºÅºÍ¼¶±ð


CVE±àºÅ£ºCVE-2019-6557£¬£¬£¬£¬ £¬Î£ÏÕ¼¶±ð£ºÑÏÖØ£¬£¬£¬£¬ £¬ CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º9.8£¬£¬£¬£¬ £¬¹Ù·½£º9.8

CVE±àºÅ£ºCVE-2019-6561£¬£¬£¬£¬ £¬Î£ÏÕ¼¶±ð£º¸ßΣ£¬£¬£¬£¬ £¬ CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º9.6£¬£¬£¬£¬ £¬¹Ù·½£º8.8

CVE±àºÅ£ºCVE-2019-6565£¬£¬£¬£¬ £¬Î£ÏÕ¼¶±ð£ºÖÐΣ£¬£¬£¬£¬ £¬ CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º9.6£¬£¬£¬£¬ £¬¹Ù·½£º6.1

CVE±àºÅ£ºCVE-2019-6520£¬£¬£¬£¬ £¬Î£ÏÕ¼¶±ð£º¸ßΣ£¬£¬£¬£¬ £¬ CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º9.1£¬£¬£¬£¬ £¬¹Ù·½£º7.5

CVE±àºÅ£ºCVE-2019-6524£¬£¬£¬£¬ £¬Î£ÏÕ¼¶±ð£ºÑÏÖØ£¬£¬£¬£¬ £¬ CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º9.8£¬£¬£¬£¬ £¬¹Ù·½£º9.8

CVE±àºÅ£ºCVE-2019-6526£¬£¬£¬£¬ £¬Î£ÏÕ¼¶±ð£ºÑÏÖØ£¬£¬£¬£¬ £¬ CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º9.8£¬£¬£¬£¬ £¬¹Ù·½Î´ÆÀ¶¨

CVE±àºÅ£ºCVE-2019-6522£¬£¬£¬£¬ £¬Î£ÏÕ¼¶±ð£ºÑÏÖØ£¬£¬£¬£¬ £¬ CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º9.1£¬£¬£¬£¬ £¬¹Ù·½£º9.1

CVE±àºÅ£ºCVE-2019-6518£¬£¬£¬£¬ £¬Î£ÏÕ¼¶±ð£º¸ßΣ£¬£¬£¬£¬ £¬ CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º7.5£¬£¬£¬£¬ £¬¹Ù·½£º7.5

CVE±àºÅ£ºCVE-2019-6563£¬£¬£¬£¬ £¬Î£ÏÕ¼¶±ð£ºÑÏÖØ£¬£¬£¬£¬ £¬ CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º9.8£¬£¬£¬£¬ £¬¹Ù·½£º9.8

CVE±àºÅ£ºCVE-2019-6559£¬£¬£¬£¬ £¬Î£ÏÕ¼¶±ð£ºÖÐΣ£¬£¬£¬£¬ £¬ CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º7.5£¬£¬£¬£¬ £¬¹Ù·½£º6.5


Ó°Ïì¹æÄ£


ÊÜÓ°Ïì°æ±¾£º 

IKS-G6824A series Versions 4.5 and prior,

EDS-405A series Version 3.8 and prior,

EDS-408A series Version 3.8 and prior, and

EDS-510A series Version 3.8 and prior.


Îó²î¸ÅÊö


Moxa EDSºÍIKSÊÇÖйų́ÍåĦɯ£¨Moxa£©¹«Ë¾µÄ¹¤Òµ½»Á÷»ú£¬£¬£¬£¬ £¬±»Ðí¶àÐÐҵʹÓ㬣¬£¬£¬ £¬°üÀ¨ÄÜÔ´²¿·Ö£¬£¬£¬£¬ £¬Òªº¦ÖÆÔìºÍÔËÊ䣬£¬£¬£¬ £¬Ñо¿Ö°Ô±·¢Ã÷ÁËÈçÏÂÎó²î£º


CVE-2019-6557

¶à¿îMoxa²úÆ·Öб£´æ»º³åÇøÒç³öÎó²î¡£¡£¡£¡£¡£¡£Ô¶³Ì¹¥»÷Õß¿ÉʹÓøÃÎó²îÖ´ÐдúÂë¡£¡£¡£¡£¡£¡£


CVE-2019-6561

¶à¿îMoxa²úÆ·Öб£´æ¿çÕ¾ÇëÇóαÔìÎó²î¡£¡£¡£¡£¡£¡£Ô¶³Ì¹¥»÷Õß¿ÉʹÓøÃÎó²îÖ´ÐÐδÊÚȨµÄ²Ù×÷¡£¡£¡£¡£¡£¡£


CVE-2019-6565

¶à¿îMoxa²úÆ·Öб£´æ¿çÕ¾¾ç±¾Îó²î£¬£¬£¬£¬ £¬¸ÃÎó²îÔ´ÓÚ³ÌÐòûÓÐ׼ȷµØÑéÖ¤Óû§ÊäÈë¡£¡£¡£¡£¡£¡£Ô¶³Ì¹¥»÷Õß¿ÉʹÓøÃÎó²î×¢Èë¶ñÒâµÄ¾ç±¾¡£¡£¡£¡£¡£¡£


CVE-2019-6520

¶à¿îMoxa²úÆ·Öб£´æ»á¼û¿ØÖƹýʧÎó²î£¬£¬£¬£¬ £¬¸ÃÎó²îÔ´ÓÚ³ÌÐòûÓÐ׼ȷµØÑé֤ȨÏÞ¡£¡£¡£¡£¡£¡£¹¥»÷Õß¿ÉʹÓøÃÎó²îÐÞ¸ÄÉèÖᣡ£¡£¡£¡£¡£


CVE-2019-6524

¶à¿îMoxa²úÆ·Öб£´æÇå¾²Îó²î£¬£¬£¬£¬ £¬¸ÃÎó²îÔ´ÓÚ³ÌÐòûÓгä·ÖµØÏÞÖÆÉí·ÝÑéÖ¤ÇëÇóµÄ´ÎÊý¡£¡£¡£¡£¡£¡£¹¥»÷Õß¿Éͨ¹ýʵÑ鱩Á¦Æƽ⹥»÷ʹÓøÃÎó²î»ñÈ¡ÃÜÂë¡£¡£¡£¡£¡£¡£


CVE-2019-6526

¶à¿îMoxa²úÆ·Öб£´æÇå¾²Îó²î£¬£¬£¬£¬ £¬¸ÃÎó²îÔ´ÓÚ³ÌÐòʹÓÃÃ÷ÎĵÄÐÎʽÀ´×ª´ïÃô¸ÐÊý¾Ý¡£¡£¡£¡£¡£¡£¹¥»÷Õß¿ÉʹÓøÃÎó²î²¶»ñÃô¸ÐÊý¾Ý£¨ÀýÈ磺ÃÜÂ룩¡£¡£¡£¡£¡£¡£


CVE-2019-6522

¶à¿îMoxa²úÆ·Öб£´æÔ½½ç¶ÁÈ¡Îó²î£¬£¬£¬£¬ £¬¸ÃÎó²îÔ´ÓÚ³ÌÐòûÓÐ׼ȷµØÑéÖ¤Êý×é½çÏß¡£¡£¡£¡£¡£¡£¹¥»÷Õß¿ÉʹÓøÃÎó²î¶ÁÈ¡í§ÒâµØµãÉϵÄ×°±¸Äڴ棬£¬£¬£¬ £¬½ø¶ø¼ìË÷Ãô¸ÐÊý¾Ý»òÔì³É×°±¸ÖØÆô¡£¡£¡£¡£¡£¡£


CVE-2019-6518

¶à¿îMoxa²úÆ·Öб£´æÇå¾²Îó²î£¬£¬£¬£¬ £¬¸ÃÎó²îÔ´ÓÚ³ÌÐò½«ÃÜÂë´æ´¢ÎªÃ÷ÎÄÐÎʽ¡£¡£¡£¡£¡£¡£¹¥»÷Õß¿ÉʹÓøÃÎó²î¶ÁÈ¡Ãô¸ÐÐÅÏ¢¡£¡£¡£¡£¡£¡£


CVE-2019-6563

¶à¿îMoxa²úÆ·Öб£´æÇå¾²Îó²î£¬£¬£¬£¬ £¬¸ÃÎó²îÔ´ÓÚ³ÌÐòÌìÉúÁËÒ×±»Õ¹ÍûµÄcookie¡£¡£¡£¡£¡£¡£¹¥»÷Õß¿ÉʹÓøÃÎó²î²¶»ñÖÎÀíÔ±ÃÜÂë¡£¡£¡£¡£¡£¡£


CVE-2019-6559

¶à¿îMoxa²úÆ·Öб£´æÇå¾²Îó²î¡£¡£¡£¡£¡£¡£Ô¶³Ì¹¥»÷Õ߿ɽèÖúÌØÖƵÄÊý¾Ý°üʹÓøÃÎó²îÔì³Éת»»Æ÷Í߽⣬£¬£¬£¬ £¬µ¼Ö¾ܾøЧÀÍ¡£¡£¡£¡£¡£¡£


ÐÞ¸´½¨Òé


Moxa½¨ÒéÓû§ÊµÑéÒÔϲ½·¥À´»º½âÕâЩÎó²î£º

×°Öù̼þ²¹¶¡¡£¡£¡£¡£¡£¡£¿£¿£¿£¿£¿Éͨ¹ýÒÔÏÂÁ´½ÓÏòMoxa¿Í»§Ð§ÀͲ¿·ÖË÷È¡²¹¶¡£¡£¡£¡£¡£¡£¨ÐèÒªµÇ¼£©£ºhttps://www.moxa.com/support/request_support.aspx¡£¡£¡£¡£¡£¡£

½ûÓÃIKSÖеÄWeb¿ØÖÆ̨»á¼û£¬£¬£¬£¬ £¬²¢Ê¹ÓÃÆäËû¿ØÖÆ̨£¬£¬£¬£¬ £¬ÀýÈçSNMP / Telnet / CLI¡£¡£¡£¡£¡£¡£

½«EDSϵÁÐWebÉèÖÃÉèÖÃΪ¡°½öhttps¡±ÒÔïÔÌ­¿ÉÕ¹ÍûµÄ»á»°IDÎÊÌâ¡£¡£¡£¡£¡£¡£


²Î¿¼Á´½Ó


https://ics-cert.us-cert.gov/advisories/ICSA-19-057-01