Moxa Moxa’s Response Regarding the Intel Management Engine Vulnerability
Act Nowmoxas-response-regarding-the-intel-management-engine-vulnerabilityAug 9, 2018
Summary
In 2017, researchers disclosed multiple vulnerabilities (CVE-2017-5689, CVE-2017-5705, CVE-2017-5708, CVE-2017-5711, CVE-2017-5712) in the Intel Management Engine that allow attackers without network access to gain system privileges and provision management features for local or remote privilege escalation. Moxa products containing affected Intel processors with Management Engine are vulnerable. Intel released patch firmware to address these issues. Moxa has identified affected products and released firmware upgrades to remediate the vulnerabilities.
What this means
What could happen
An attacker with network access could exploit Intel Management Engine vulnerabilities in affected Moxa industrial devices to gain system-level privileges and potentially control device functionality or access sensitive data on the device.
Who's at risk
This affects Moxa industrial products and industrial-grade equipment that contain Intel processors with Management Engine features. This includes industrial computers, gateway devices, and control systems used in manufacturing, utilities, and critical infrastructure environments.
How it could be exploited
An attacker on the network could send specially crafted packets to the Intel Management Engine running on affected Moxa devices. If successful, the attacker gains privileged access to the device, allowing them to modify configurations, access management features, or compromise the device's operating system without needing valid credentials.
Prerequisites
- Network access to the affected Moxa device
- Device must have Intel Management Engine enabled
- No credentials required
remotely exploitableno authentication requiredactively exploited (KEV)high EPSS score (94.2%)affects industrial control systems
Exploitability
Actively exploited — confirmed by CISA KEV
Affected products (1)
ProductAffected VersionsFix Status
Moxa’s Response Regarding the Intel Management Engine VulnerabilityAll versionsNo fix yet
Remediation & Mitigation
0/4
Do now
0/3HOTFIXUpdate BIOS and Management Engine firmware to the latest version released by Moxa for your specific product model
HOTFIXContact Moxa Global Customer Service to identify which of your products are affected and obtain the appropriate firmware updates
WORKAROUNDIf firmware updates cannot be applied immediately, restrict network access to affected devices using firewall rules to limit exposure
Long-term hardening
0/1HARDENINGImplement network segmentation to isolate devices with Intel Management Engine from untrusted networks
↑↓ Navigate · Esc Close
API:
/api/v1/advisories/11d79efd-00e8-4dee-aa3f-205c67cdfaf8