-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2013.1080
                MOXA Weak Entropy in DSA Keys Vulnerability
                               7 August 2013

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Moxa OnCell Gateway
Publisher:         US-CERT
Operating System:  Network Appliance
Impact/Access:     Unauthorised Access -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2012-3039  

Original Bulletin: 
   http://ics-cert.us-cert.gov/advisories/ICSA-13-217-01

- --------------------------BEGIN INCLUDED TEXT--------------------

Advisory (ICSA-13-217-01)

MOXA Weak Entropy in DSA Keys Vulnerability

Original release date: August 05, 2013 | Last revised: August 06, 2013

Researcher Nadia Heninger of the University of California, San Diego, and 
researchers Zakir Durumeric, Eric Wustrow, and J. Alex Halderman of the 
University of Michigan identified an insufficient entropy vulnerability in 
Moxa's OnCell Gateways. Moxa produced and released a firmware upgrade on April 
3, 2013, that mitigates this vulnerability.

This vulnerability could be exploited remotely.

Affected Products

The following Moxa OnCell Gateway models (before firmware version 1.4) are 
affected:

         G3111,
         G3151,
         G3211, and
         G3251.

Impact

An attacker could gain unauthorized access to the gateway by determining the 
authentication keys from reused or nonunique SSH and SSL host keys. 
Exploitation of this vulnerability could allow an attacker to affect the 
confidentiality, integrity, and availability of the OnCell Gateways.

Impact to individual organizations depends on many factors that are unique to 
each organization. ICS-CERT recommends that organizations evaluate the impact
of this vulnerability based on their operational environment, architecture, and
product implementation.

Background

Moxa is a Taiwan-based company that maintains offices in several countries 
around the world, including the US, UK, India, Germany, France, China, and 
Brazil.

The affected products, Moxa OnCell Gateways, are cellular IP gateways that can 
conveniently and transparently connect up to two devices to a cellular network.
This allows one to connect their existing Ethernet and serial devices with 
basic configuration.

According to Moxa, Moxa OnCell Gateways are deployed across several sectors, 
including critical manufacturing, transportation systems, information 
technology, water and wastewater, and communications. Moxa estimates that these
products are used globally, are focused mostly in the Asia-Pacific region, and
have smaller deployments in the Americas and Europe.

Vulnerability Characterization

Vulnerability Overview

Insufficient entropy[a]

The OnCell G3111, G3151, G3211, and G3251 gateways do not use sufficient 
entropy when generating keys for SSH and SSL connections; therefore, these keys
are vulnerable to exploits. By calculating private authentication keys, an 
attacker could gain unauthorized access to the system and read information on 
the device, as well as send commands to the device, which would compromise the
integrity and confidentiality of the data and could compromise the 
availability.

CVE-2012-3039[b] has been assigned to this vulnerability. A CVSS v2 base score 
of 7.1 has been assigned; the CVSS vector string is 
(AV:N/AC:H/Au:S/C:C/I:C/A:C).[c]

Vulnerability Details

Exploitability

This vulnerability could be exploited remotely.

Existence of Exploit

No known public exploits specifically target this vulnerability.

Difficulty

An attacker with a high skill level would be able to exploit this 
vulnerability.

Mitigation

Moxa released a firmware upgrade (OnCell G3111/G3151/G3211/G3251 Version 1.4) 
for these products on April 3, 2013, and is currently in the process of sending 
notification to its customers. This upgrade can be downloaded from the Moxa 
software download page at the following link: 
http://www.moxa.com/support/download.aspx?type=support&id=222. The firmware 
upgrade fixes the vulnerability by increasing the entropy in the dynamically 
generated keys to avoid nonuniqueness and key reuse.

ICS-CERT encourages asset owners to take additional defensive measures to 
protect against this and other cybersecurity risks.

        Minimize network exposure for all control system devices. Critical 
	devices should not directly face the Internet.

        Locate control system networks and remote devices behind firewalls, and 
	isolate them from the business network.

        When remote access is required, use secure methods, such as Virtual 
	Private Networks (VPNs), recognizing that VPN is only as secure as the 
	connected devices.

ICS-CERT also provides a section for control systems security recommended 
practices on the ICS-CERT Web page. Several recommended practices are available
for reading and download, including Improving Industrial Control Systems 
Cybersecurity with Defense-in-Depth Strategies.[d] ICS-CERT reminds 
organizations to perform proper impact analysis and risk assessment prior to 
taking defensive measures.

Additional mitigation guidance and recommended practices are publicly available
in the ICS-CERT Technical Information Paper, ICS-TIP-12-146-01B-Targeted Cyber
Intrusion Detection and Mitigation Strategies,[e] that is available for 
download from the ICS-CERT Web page (http://ics-cert.us-cert.gov/).

Organizations observing any suspected malicious activity should follow their 
established internal procedures and report their findings to ICS-CERT for 
tracking and correlation against other incidents.
 
    a. CWE-331: Insufficient Entropy, 
       http://cwe.mitre.org/data/definitions/331.html, Web site last accessed 
       August 05, 2013.
    b. NVD, http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-3039, NIST
       uses this advisory to create the CVE Web site report. This Web site will
       be active sometime after publication of this advisory.
    c. CVSS Calculator, 
       http://nvd.nist.gov/cvss.cfm?version=2&vector=AV:N/AC:H/Au:S/C:C/I:C/A:C
       Web site last visited August 05, 2013.
    d. CSSP Recommended Practices, 
       http://ics-cert.us-cert.gov/content/recommended-practices, Web site last
       accessed August 05, 2013.
    e. Targeted Cyber Intrusion Detection and Mitigation Strategies, 
       http://ics-cert.us-cert.gov/tips/ICS-TIP-12-146-01B, Web site last 
       accessed August 05, 2013

Contact Information

For any questions related to this report, please contact ICS-CERT at:

Email: ics-cert@hq.dhs.gov
Toll Free: 1-877-776-7585
International Callers: (208) 526-0900

For industrial control systems security information and incident reporting: 
http://ics-cert.us-cert.gov

ICS-CERT continuously strives to improve its products and services. You can 
help by answering a short series of questions about this product at the 
following URL: https://forms.us-cert.gov/ncsd-feedback/.

Legal

For Legal Information pertaining to this document, please consult 
http://ics-cert.us-cert.gov/Legal-Disclaimer

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBUgGZqhLndAQH1ShLAQIbVQ/9F9V8wmdCoTsZ7pUzAtT4MEUGjCfn7T+9
fzLrr1bd5qPAy3/ZOIydwGHuUrJk9O87E06KuiAywBzSRlXFduceD+xXbJlxsZsV
+k9jU8bqjL+GqZh2EjJC/hP2lSH45ZddpcXL9cBoOntAJub9/CSExKteBONpkBqL
wWCKc2VbeQXhHv3ZsT06mqq2izL+NnuRUS0BFsgnqjePsrEV89Uo9nRg2e7bW3jK
0CYGD5WxWrHUup8/5uqTC58E/0iO6NdWk1Al4+IotsEXYkKePXCwuWG8cnstgTTs
nab4xtisdC+P0is1OmlsKIbQ8iW+RqEXAEz4/k5bKlXrEEGobtZf+HCwWXx74POA
MxdVt57xV7eBz+B/tE/UwY5dQXj3nvkn/W4Qo3cuTIM/GTWizoSPue70L8IJg1EZ
AD/nxIkYNQE6wvwYfXSDw8MiWo36lyweiuNFrMLs0irJBxeOtsIcsr0TX4oAWkAT
RS523Nvl9Ymq81WMhYsWY4yKHBX6n9O6B36BM41Mh2ScSTuXAmWBDgwLjUE7dbKw
m1i5Ipu//PRkgrs5Tk5ivp8x4yAC4tEl0D+p1f3WQaVJ1yeK4TuvcRGfNvlOAzHH
Y69MO+l57aRoLS8bnmQMw8XcMUQLa1ytQV1T5XLjih1wheYDolj/ecyilXBnXe4M
BocKsZuWCSM=
=hdGf
-----END PGP SIGNATURE-----