research worker have fall upon a push-down stack - ground cowcatcher overflow in the Moxa merchandise which can be exploit to fulfil distant codification . “ [ CVE-2020 - 14500 ] go forth due to the wrong intervention of some of the node ’s HTTP bespeak lintel . In Secomea GateManager , which enable drug user to join from the net via an encrypt tunnel to the intimate net , investigator have let out several security measure mess , admit exposure that can be exploited to overwrite arbitrary datum ( CVE-2020 - 14500 ) , fulfill arbitrary cipher , trip a bash DoS , carry out dominate as ascendent by tie via hardcoded Telnet credential , and sustain drug user word due to debile hash . This could reserve a outside development of GateManager by an aggressor to achieve outback carrying out of computer code without any authentication . several companionship utilise the merchandise for distant direction and supervise of ICS like programmable logical system restrainer ( PLCs ) , stimulant / outturn devices , and theatre device . As for HMS Networks ’ eWON software program , specifically its eCatcher VPN client , Claroty describe a crucial plenty - based polisher spill over ( CVE-2020 - 14498 ) that can be abused to action arbitrary encrypt — and eventually takings broad ascendency of the direct electronic computer — by pass water a exploiter subject a malicious web site or e-mail . If successfully transport out , such an fire may answer in a add up security go against that ply wax entree to the interior meshwork of a party , along with the ability to decipher all traffic lead through the VPN , “ explicate Claroty . In a web log Emily Post sooner this month , Claroty identified this vulnerability , give chase as CVE-2020 - 14511 . researcher from Claroty , an industrial cybersecurity unshakable , see potentially life-threatening exposure in Secomea GateManager , Moxa EDR - G902 and EDR - G903 , and eWon for HMS Networks . Claroty enunciate the touch on VPNs are usually used in the embrocate and bluster and public-service corporation sphere and using may leading assailant to addition admittance to theater of operations devices and potentially causal agency forcible scathe .
Claroty has separate that aggressor can use of goods and services hunting railway locomotive like Shodan and Censys to uncovering compromise case of outback memory access host touch . Claroty say that it is yet hear to pass some of the society that were incur to employ unpatched GateManager good example . You will conceive the nearly up - to - engagement update at this fourth dimension , ’ explicate Claroty . “ Moxa urge that exploiter update EDR - G902/3 to adaptation v5.5 by use the respective usable microcode update for the EDR - G902 and EDR - G903 series . ‘ [ Secomea ] publish a novel version of GateManager 9.2c/9.2i to mitigate the exposure observe . Once likely place have been constituted , scourge histrion will remotely tap the exposure to memory access device , and ultimately the national VPN net , without certification . lastly , HMS Networks propose that eCatcher upgrade drug user to rendering v6.5.5 or ulterior . ’ The cybersecurity unbendable allege it has map GateManager representative across the earth and set up 337 know example , of which 253 are lull vulnerable to CVE-2020 - 14500 . Claroty give away the beleaguer to their various seller , who bring out plot that would define the blemish .