ICS-CERT has released an advisory on a Moxa MXview vulnerability. MXview v2.8 and prior versions are affected. Successful exploitation of this vulnerability could allow a local authorized user with file access to escalate privileges by inserting arbitrary code into the unquoted service path. Moxa has produced new firmware Version 2.9 for the affected devices. ICS-CERT also recommends a series of defensive measures to minimize the risk of exploitation of this vulnerability. ICS-CERT.
H2Oex: In Person 1 day event/exercise. Thurs Dec 5th. Washington DC. Join us!