Product support

Security Advisories

SUMMARY

EDS-G508E Series, EDS-G512E Series, and EDS-G516E Series Ethernet Switch Vulnerabilities

Multiple product vulnerabilities were identified in Moxa’s EDS-G508E Series, EDS-G512E Series, and EDS-G516E Series Ethernet Switch. In response to this, Moxa has developed related solutions to address these vulnerabilities.

The identified vulnerability types and potential impacts are shown below:

Item Vulnerability Type Impact
1 Denial of Service An attacker could remotely manipulate the session ID and disrupt the network communications of Moxa's switch.
2 Cookie Management Cookies are not secured against being reused
3 Cross-Site Scripting Attack An attacker could use these flaws to insert a malicious code on to the users' browser or on to the switch.
AFFECTED PRODUCTS AND SOLUTIONS

Affected Products

The affected products and firmware versions are shown below.

Product Series Affected Version
EDS-G508E Series Firmware Version 5.2 or prior
EDS-G512E Series Firmware Version 5.2 or prior
EDS-G516E Series Firmware Version 5.2 or prior

 

Solutions

Moxa has developed appropriate solutions to address the vulnerabilities. The solutions for affected products are shown below.

Product Series Solutions
EDS-G508E Series Please download the new firmware/software here.
EDS-G512E Series Please download the new firmware/software here.
EDS-G516E Series Please download the new firmware/software here.

 

Revision History

Version Description Release Date
1.0 First Release Jan 3, 2018
1.1 Update patch firmware link May 31, 2018

Relevant Products

EDS-G508E Series · EDS-G512E Series · EDS-G516E Series ·

  •   Print this page
  • You can manage and share your saved list in My Moxa
Let’s get that fixed

If you are concerned about a potential cybersecurity vulnerability, please contact us and one of technical support staff will get in touch with you.

Report a Vulnerability
Added To Bag