Moxa VPort Series Improper Input Validation Vulnerability
Low Risk · Nov 11, 2022
Summary
The Moxa VPort IP Camera series contains multiple improper input validation vulnerabilities in the RTSP service. These include format string flaws (CVE-2022-38157), buffer overflow conditions (CVE-2022-31858), and NULL pointer dereference issues (CVE-2022-38159). Successful exploitation allows a remote attacker to crash the RTSP streaming service, disrupting video feeds. No firmware patch is available for any VPort series version.
What this means
What could happen
An attacker could crash the RTSP streaming service on Moxa VPort IP cameras, causing loss of video feed and potentially interrupting surveillance systems or process monitoring that relies on camera feeds.
Who's at risk
Water utilities and electric cooperatives using Moxa VPort IP cameras for facility surveillance, process area monitoring, or control room video feeds should be concerned. VPort cameras are commonly deployed in hazardous areas and critical infrastructure for remote visual inspection and compliance documentation.
How it could be exploited
An attacker with network access to the RTSP service port on a VPort camera could send specially crafted input, such as format string specifiers, oversized data that overflows a buffer, or input that triggers a NULL pointer dereference, to crash the service. The attacker does not need credentials to trigger the vulnerability.
Prerequisites
- Network access to the RTSP service port on the VPort camera (typically port 554)
- No authentication required
Tags: remotely exploitable, no authentication required, low complexity, no patch available, affects surveillance/monitoring systems
Affected products (1)
| Product | Affected Versions | Fix Status |
|---|---|---|
| VPort Series | All versions | No fix yet |
Remediation & Mitigation
Do now
WORKAROUND: Deploy firewall rules to limit inbound connections to RTSP ports (port 554) on VPort cameras from trusted sources only.
Schedule — requires maintenance window
Patching may require device reboot — plan for process interruption
WORKAROUND: Disable RTSP service if it is not required for your operations.
Long-term hardening
HARDENING: Implement network segmentation to restrict access to VPort camera RTSP ports to only authorized networks and workstations that need camera feeds.
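One way to express the firewall workaround above, as an added example that is not part of the original advisory: a script that prints (without applying) iptables rules for a Linux gateway forwarding traffic to the cameras. The chain name, the gateway placement and all addresses are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: prints iptables commands for review; it does not apply them.
# Assumes a Linux gateway that forwards traffic to the cameras.
RTSP_PORT=554            # RTSP port named in the advisory
CHAIN=VPORT_RTSP         # hypothetical chain name

# Accept only a.b.c.d or a.b.c.d/len so nothing else reaches the rule text.
valid_ipv4() {
  printf '%s\n' "$1" |
    grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}(/([0-9]|[12][0-9]|3[0-2]))?$' || return 1
  for octet in $(printf '%s' "${1%/*}" | tr '.' ' '); do
    [ "$octet" -le 255 ] || return 1
  done
}

# $1 = space-separated camera IPs, $2 = space-separated trusted sources.
# The body is a subshell, so set -f and exit stay local to the call.
gen_rtsp_rules() (
  set -f                                   # no glob expansion of the inputs
  [ -n "$1" ] || { echo "no camera addresses given" >&2; exit 1; }
  for addr in $1 $2; do
    valid_ipv4 "$addr" || { echo "invalid address: $addr" >&2; exit 1; }
  done
  echo "iptables -N $CHAIN"
  for cam in $1; do                        # steer camera RTSP traffic into the chain
    echo "iptables -A FORWARD -p tcp -d $cam --dport $RTSP_PORT -j $CHAIN"
  done
  for src in $2; do                        # trusted sources are accepted first
    echo "iptables -A $CHAIN -s $src -j ACCEPT"
  done
  # Everything else is logged, then dropped; the log line records denied attempts.
  echo "iptables -A $CHAIN -j LOG --log-prefix \"vport-rtsp-deny \""
  echo "iptables -A $CHAIN -j DROP"
)

# Constructed sample input (documentation address ranges).
gen_rtsp_rules "192.0.2.10 192.0.2.11" "198.51.100.0/24 203.0.113.5"
```

Because `-A` appends, the FORWARD rules only take effect if no broader ACCEPT rule sits ahead of them in that chain.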