Affected Products:
The affected products and firmware versions are shown below.
Product Series |
Affected Versions |
ioLogik E2200 Series |
Firmware Version 3.13 or lower. |
ioAdmin Configuration Utility |
Software Version 3.19 or lower. |
Solutions:
Moxa has developed appropriate solutions to address the vulnerabilities. The solutions for affected products are shown below.
Product Series |
Solutions |
ioLogik E2200 Series |
Items 1, 2 and 4 to 9: Please contact Moxa Technical Support for a security patch.
Item 3: To exploit this vulnerability requires physical access to the device and then to disassemble the case. Therefore, we strongly recommend that the device is installed in a locked cabinet or another secure environment. |
ioAdmin Configuration Utility |
Items 10 and 11: Please contact Moxa Technical Support for a security patch. |
Acknowledgment:
We would like to express our appreciation to Ilya Karpov, Konstantin Kondratev and Evgeniy Druzhinin of Rostelecom-Solar for reporting the vulnerabilities, working with us to help enhance the security of our products, and helping us provide a better service to our customers.
Revision History:
VERSION |
DESCRIPTION |
RELEASE DATE |
1.0 |
First Release |
Nov 23, 2021 |