Product support

Security Advisories

SUMMARY

Moxa’s Response Regarding SSLv2 Vulnerabilities (DROWN, CVE-2016-0800)

  • Version: 1.0
  • Release Date: Mar 31, 2016
  • Reference:
    • CVE-2016-0800

Moxa has verified that some of its products are impacted by the SSLv2 vulnerability, CVE-2016-0800.  Also known as “THE DROWN ATTACK,” this vulnerability could allow data, including passwords and encryption keys, to be read from affected systems.

Moxa's Cyber Security Response Team (CSRT) is fully engaged in this matter and we are taking appropriate action. If there are any updates to the status of the vulnerabilities or how these affect Moxa's products, we will provide an update immediately.

AFFECTED PRODUCTS AND SOLUTIONS

Affected Products

The affected product and firmware versions are shown below.

 
Product Category Product Series Affected Version
Controllers and I/Os ioPAC 8500 Series Firmware Version 1.9 or prior
ioPAC 8500-IEC Series Firmware Version 1.4 or prior
ioPAC 8600 Series Firmware Version 1.2 or prior
ioPAC 8600-IEC Series Firmware Version 1.2 or prior
ioLogik 2500 Series Firmware Version 2.1 or prior
Protocol Gateways MGate 5101-PBM-MN Series Firmware Version 1.1 or prior
MGate 5102-PBM-PN Series Firmware Version 1.2 or prior
MGate 5105-MB-EIP Series Firmware Version 1.1 or prior
Serial Device Servers NPort W2150A/W2250A Series Firmware Version 1.9 or prior
MiiNePort W1 Series Firmware Version 1.1 or prior
NPort S8000 Series Firmware Version 1.5 or prior
NPort 6100/6200 Series Firmware Version 1.13 or prior
NPort 6400/6600 Series Firmware Version 1.13 or prior
Ethernet Switches EDS-505A Series Firmware Version 3.4 or prior
EDS-508A Series Firmware Version 3.4 or prior
EDS-510A Series Firmware Version 3.4 or prior
EDS-516A Series Firmware Version 3.4 or prior
EDS-518A Series Firmware Version 3.4 or prior
EDS-510E Series Firmware Version 4.1 or prior
EDS-518E Series Firmware Version 4.1 or prior
EDS-G508E Series Firmware Version 4.2 or prior
EDS-G512E Series Firmware Version 4.2 or prior
EDS-G516E Series Firmware Version 4.2 or prior
IKS-6726A Series Firmware Version 4.1 or prior
IKS-6728A Series Firmware Version 4.1 or prior
IKS-G6524A Series Firmware Version 4.2 or prior
ICS-G7526A Series Firmware Version 4.2 or prior
ICS-G7528A Series Firmware Version 4.2 or prior
ICS-G7748A Series Firmware Version 4.2 or prior
ICS-G7750A Series Firmware Version 4.2 or prior
ICS-G7752A Series Firmware Version 4.2 or prior
IKS-G6824A Series Firmware Version 4.5 or prior
ICS-G7826A Series Firmware Version 4.5 or prior
ICS-G7828A Series Firmware Version 4.5 or prior
ICS-G7848A Series Firmware Version 4.5 or prior
ICS-G7850A Series Firmware Version 4.5 or prior
ICS-G7852A Series Firmware Version 4.5 or prior
IEX-402E-VDSL2 Series Firmware Version 2.0 or prior
IEX-402-SHDSL Series Firmware Version 1.2 or prior
IEX-408E Series Firmware Version 1.2 or prior
PT-508 Series Firmware Version 3.8 or prior
PT-510 Series Firmware Version 3.8 or prior
PT-G503 Series Firmware Version 3.8 or prior
PT-7710 Series Firmware Version 3.8 or prior
PT-7728 Series Firmware Version 3.8 or prior
PT-7828 Series Firmware Version 3.8 or prior
PT-G7509 Series Firmware Version 3.8 or prior
PT-G7728 Series Firmware Version 3.8 or prior
PT-G7828 Series Firmware Version 3.8 or prior
PT-7728-PTP Series Firmware Version 3.6 or prior
PT-7528 Series Firmware Version 4.0 or prior
TN-4500A Series Firmware Version 3.2 or prior
TN-5500A Series (TN-5508A/5510A) Firmware Version 3.6 or prior
TN-5500A Series (TN-5516A/5518A) Firmware Version 3.7 or prior
TN-5800A Series Firmware Version 3.5 or prior
TN-5900 Series Firmware Version 1.2 or prior
x86 Computers / Arm-Based Computers IA240 Series Firmware Version 1.6 or prior
UC-7100 Series (-LX Plus model) Firmware Version 1.4 or prior
DA-660A Series Firmware Version 1.1 or prior
EM-2260 Series (-LX models) Firmware Version 1.1 or prior
IA260 Series (-LX models) Firmware Version 1.1 or prior
IA261-I Series (-LX models) Firmware Version 1.1 or prior
IA262-I Series (-LX models) Firmware Version 1.1 or prior
UC-8410 Series (-LX models) Firmware Version 2.1 or prior
UC-8416 Series (-LX models) Firmware Version 2.1 or prior
UC-8418 Series (-LX models) Firmware Version 2.1 or prior
UC-8430 Series (-LX models) Firmware Version 2.1 or prior
UC-8481 Series (-LX models) Firmware Version 1.4 or prior
V2201 Series Firmware Version 1.1 or prior
UC-8100 Series Firmware Version 1.3 or prior
UC-8410A Series Firmware Version 1.0 or prior

 

Solutions

Moxa has developed appropriate solutions to address the vulnerabilities. The solutions for the affected products are shown below.

 
Product Category Product Series Solutions
Controllers and I/Os ioPAC 8500 Series Please contact Moxa Technical Support for assistance.
ioPAC 8500-IEC Series Please contact Moxa Technical Support for assistance.
ioPAC 8600 Series Please contact Moxa Technical Support for assistance.
ioPAC 8600-IEC Series Please contact Moxa Technical Support for assistance.
ioLogik 2500 Series Please download the new firmware/software here.
Protocol Gateways MGate 5101-PBM-MN Series Please download the new firmware/software here.
MGate 5102-PBM-PN Series Please download the new firmware/software here.
MGate 5105-MB-EIP Series Please download the new firmware/software here.
Serial Device Servers NPort W2150A/W2250A Series Please download the new firmware/software here.
MiiNePort W1 Series Please download the new firmware/software here.
NPort S8000 Series Please download the new firmware/software here.
NPort 6100/6200 Series Please download the new firmware/software here.
NPort 6400/6600 Series Please download the new firmware/software here.
Ethernet Switches EDS-505ASeries Please download the new firmware/software here.
EDS-508A Series Please download the new firmware/software here.
EDS-510A Series Please download the new firmware/software here.
EDS-516A Series Please download the new firmware/software here.
EDS-518A Series Please download the new firmware/software here.
EDS-510E Series Please download the new firmware/software here.
EDS-518E Series Please download the new firmware/software here.
EDS-G508E Series Please download the new firmware/software here.
EDS-G512E Series Please download the new firmware/software here.
EDS-G516E Series Please download the new firmware/software here.
IKS-6726A Series Please download the new firmware/software here.
IKS-6728A Series Please download the new firmware/software here.
IKS-G6524A Series Please download the new firmware/software here.
ICS-G7526A Series Please download the new firmware/software here.
ICS-G7528A Series Please download the new firmware/software here.
ICS-G7748A Series Please download the new firmware/software here.
ICS-G7750A Series Please download the new firmware/software here.
ICS-G7752A Series Please download the new firmware/software here.
IKS-G6824A Series Please contact Moxa Technical Support for assistance.
ICS-G7826A Series Please contact Moxa Technical Support for assistance.
ICS-G7828A Series Please contact Moxa Technical Support for assistance.
ICS-G7848A Series Please contact Moxa Technical Support for assistance.
ICS-G7850A Series Please contact Moxa Technical Support for assistance.
ICS-G7852A Series Please contact Moxa Technical Support for assistance.
IEX-402E-VDSL2 Series Please contact Moxa Technical Support for assistance.
IEX-402-SHDSL Series Please contact Moxa Technical Support for assistance.
IEX-408E Series Please contact Moxa Technical Support for assistance.
PT-508 Series Please download the new firmware/software here.
PT-510 Series Please download the new firmware/software here.
PT-G503 Series Please download the new firmware/software here.
PT-7710 Series Please download the new firmware/software here.
PT-7728 Series Please download the new firmware/software here.
PT-7828 Series Please download the new firmware/software here.
PT-G7509 Series Please download the new firmware/software here.
PT-G7728 Series Please download the new firmware/software here.
PT-G7828 Series Please download the new firmware/software here.
PT-7728-PTP Series Please contact Moxa Technical Support for assistance.
PT-7528 Series Please contact Moxa Technical Support for assistance.
TN-4500A Series Please contact Moxa Technical Support for assistance.
TN-5500ASeries Please contact Moxa Technical Support for assistance.
TN-5800A Series Please contact Moxa Technical Support for assistance.
TN-5900 Series Please contact Moxa Technical Support for assistance.
x86 Computers / Arm-Based Computers IA240 Series Please download the new firmware/software here.
UC-7100 Series (-LX Plus model) Please download the new firmware/software here.
DA-660A Series Please download the new firmware/software here.
EM-2260 Series (-LX models) Please contact Moxa Technical Support for assistance.
IA260 Series(-LX models) Please contact Moxa Technical Support for assistance.
IA261-I Series(-LX models) Please contact Moxa Technical Support for assistance.
IA262-I Series(-LX models) Please contact Moxa Technical Support for assistance.
UC-8410 (-LX models) This product has been phased out. Please contact Moxa Technical Support for assistance.
UC-8416 Series (-LX models) This product has been phased out. Please contact Moxa Technical Support for assistance.
UC-8418 Series (-LX models) This product has been phased out. Please contact Moxa Technical Support for assistance.
UC-8430 Series (-LX models) This product has been phased out. Please contact Moxa Technical Support for assistance.
UC-8481 Series (-LX models) This product has been phased out. Please contact Moxa Technical Support for assistance.
V2201 Series Please download the new firmware/software here.
UC-8100 Series Please download the new firmware/software here.
UC-8410A Series Please download the new firmware/software here.

 

Revision History

Version Description Release Date
1.0 First Release Mar 31, 2016

Relevant Products

DA-660A Series · EDS-505A Series · EDS-508A Series · EDS-510A Series · EDS-510E Series · EDS-516A Series · EDS-518E Series · EDS-G508E Series · EDS-G512E Series · EDS-G516E Series · EM-2260 Series · IA240 Series · IA260 Series · IA261-I/IA262-I Series · ICS-G7526A Series · ICS-G7528A Series · ICS-G7748A Series · ICS-G7750A Series · ICS-G7752A Series · ICS-G7826A Series · ICS-G7828A Series · ICS-G7848A Series · ICS-G7850A Series · IEX-402 Series · IEX-408E Series · IKS-6726A Series · IKS-6728A Series · IKS-G6524A Series · ioLogik 2500 Series · ioPAC 8500 Series · ioPAC 8500 Series (85M) Modules · ioPAC 8600 Series · ioPAC 8600 Series (86M) Modules · MGate 5101-PBM-MN Series · MGate 5102-PBM-PN Series · MGate 5105-MB-EIP Series · MiiNePort W1 Series · NPort 6100/6200 Series · NPort 6400/6600 Series · NPort S8000 Series · NPort W2150A/W2250A Series · PT-508 Series · PT-510 Series · PT-7528 Series · PT-7710 Series · PT-7728 Series · PT-7828 Series · PT-G503 Series · PT-G7509 Series · PT-G7728 Series · PT-G7828 Series · TN-4500A Series · TN-5800A Series · UC-7100 Series · UC-8100 Series · UC-8410A Series · UC-8416/8418 Series · V2201 Series ·

  •   Print this page
  • You can manage and share your saved list in My Moxa
Let’s Get That Fixed

If you are concerned about a potential cybersecurity vulnerability, please contact us and one of technical support staff will get in touch with you.

Report a Vulnerability
Added To Bag