Product support

Security Advisories

SUMMARY

Moxa’s Response Regarding the Key Reinstallation Attacks (KRACKs) Vulnerability

  • Version: 1.0
  • Release Date: Oct 27, 2017
  • Reference:

On October 2017, security vulnerabilities were disclosed in WPA2 (Wi-Fi protected Access II), which made it possible for a user to eavesdrop on Wi-Fi traffic that utilized WPA2. An attacker within the wireless range of a Wi-Fi network can exploit these vulnerabilities using key reinstallation attacks (KRACKs).

Moxa's Cyber Security Response Team (CSRT) is fully engaged in this matter and we are taking appropriate action. Our team has been working with all of our product teams to determine which models have been affected.

AFFECTED PRODUCTS AND SOLUTIONS

Affected Products

The affected products and firmware versions are shown below.

 Product Category Product Series Affected Version
Wireless APs/Bridges/Clients    AWK-1131A Series Firmware Version 1.11 or prior
AWK-3131A Series Firmware Version 1.3 or prior
AWK-4131A Series Firmware Version 1.3 or prior
AWK-3191 Series Firmware Version 1.2 or prior
AWK-1137C Series Firmware Version 1.1 or prior
TAP-213 Series Firmware Version 1.1 or prior
WDR-3124A Series Firmware Version 1.1 or prior
AWK-1121 Series Firmware Version 1.7 or prior
AWK-1127 Series Firmware Version 1.7 or prior
AWK-3121 Series Firmware Version 1.14 or prior
AWK-3131 Series Firmware Version 1.4 or prior
AWK-3131-M12-RCC Series Firmware Version 1.6 or prior
AWK-4121 Series Firmware Version 1.14 or prior
AWK-4131 Series Firmware Version 1.4 or prior
AWK-5222 Series Firmware Version 1.9 or prior
AWK-5232 Series Firmware Version 1.4 or prior
AWK-5232-M12-RCC Series Firmware Version 1.6 or prior
AWK-6222 Series Firmware Version 1.9 or prior
AWK-6232 Series Firmware Version 1.4 or prior
Controllers and I/Os ioLogik 2500 Series (-WL1 models) Firmware Version 2.1 or prior
Serial Device Servers NPort W2150A/W2250A Series Firmware Version 2.0 or prior
NPort IAW5000A-I/O Series Firmware Version 1.0 or prior
Protocol Gateways MGate W5108/W5208 Series Firmware Version 1.3 or prior
x86 Computers V2403 Series (-LX models) Firmware Version 1.0 or prior
V2406A Series (-LX models) Firmware Version 1.0 or prior
V2416A Series (-LX models) Firmware Version 1.0 or prior
V2426A Series (-LX models) Firmware Version 1.2 or prior
V2616A Series (-LX models) Firmware Version 1.1 or prior
MC-1100 Series Firmware Version 1.0 or prior
Arm-Based Computers UC-8481 Series Firmware Version 1.4 or prior (Linux 2.6.x)
UC-8100 Series

Firmware Version 2.1. or prior (Linux 3.2.x)

Firmware Version 2.0 or prior (Llinux 4.4)

UC-8100-ME-T Series Firmware Version 1.1 or prior (Llinux 4.4)
UC-8410A Series Firmware Version 2.1 or prior (Linux 2.6.x)
UC-8580 Series Firmware Version 1.0 or prior (Linux 4.4)

 

Solutions

Moxa has developed appropriate solutions to address the vulnerabilities. The solutions for affected products are shown below.

 Product Category Product Series Solutions
 Wireless APs/Bridges/Clients    AWK-1131A Series Please download the new firmware/software here.
AWK-3131A Series Please download the new firmware/software here.
AWK-4131A Series Please download the new firmware/software here.
AWK-3191 Series his product has been phased out. Please contact Moxa Technical Support for assistance.
AWK-1137C Series Please download the new firmware/software here.
TAP-213 Series Please download the new firmware/software here.
WDR-3124A Series Please download the new firmware/software here.
AWK-1121 Series This product has been phased out. Please contact Moxa Technical Support for assistance.
AWK-1127 Series This product has been phased out. Please contact Moxa Technical Support for assistance.
AWK-3121 Series This product has been phased out. Please contact Moxa Technical Support for assistance.
AWK-3131 Series This product has been phased out. Please contact Moxa Technical Support for assistance.
AWK-3131-M12-RCC Series This product has been phased out. Please contact Moxa Technical Support for assistance.
AWK-4121 Series This product has been phased out. Please contact Moxa Technical Support for assistance.
AWK-4131 Series This product has been phased out. Please contact Moxa Technical Support for assistance.
AWK-5222 Series This product has been phased out. Please contact Moxa Technical Support for assistance.
AWK-5232 Series This product has been phased out. Please contact Moxa Technical Support for assistance.
AWK-5232-M12-RCC Series This product has been phased out. Please contact Moxa Technical Support for assistance.
AWK-6222 Series This product has been phased out. Please contact Moxa Technical Support for assistance.
AWK-6232 Series This product has been phased out. Please contact Moxa Technical Support for assistance.
Controllers and I/Os ioLogik 2500 (-WL1 models) Please download the new firmware/software here.
Serial Device Servers NPort W2150A/W2250A Series Please download the new firmware/software here.
NPort IAW5000A-I/O Series Please download the new firmware/software here.
Protocol Gateways MGate W5108/W5208 Series Please download the new firmware/software here.
x86 Computers V2403 Series (-LX models) Please download the new firmware/software here.
V2406A Series (-LX models) Please download the new firmware/software here.
V2416A Series (-LX models) Please download the new firmware/software here.
V2426A Series (-LX models) Please download the new firmware/software here.
V2616A Series (-LX models) Please download the new firmware/software here.
MC-1100 Series Please download the new firmware/software here.
Arm-Based Computers UC-8481 Series This product has been phased out. Please contact Moxa Technical Support for assistance.
UC-8100 Series Please download the new firmware/software here.
UC-8100-ME-T Series Please download the new firmware/software here.
UC-8410A Series Please download the new firmware/software here.
UC-8580 Series Please download the new firmware/software here.

 

Revision History

Version Description Release Date
1.0 First Release Oct 27, 2017

Relevant Products

AWK-1131A Series · AWK-1137C Series · AWK-3131A Series · AWK-4131A Series · ioLogik 2500 Series · MC-1100 Series · MGate W5108/W5208 Series · NPort IA5000A-I/O Series · NPort W2150A/W2250A Series · TAP-213 Series · UC-8100 Series · UC-8100-ME-T Series · UC-8410A Series · UC-8580 Series · V2403 Series · V2406A Series · V2416A Series · V2426A Series · V2616A Series · WDR-3124A Series ·

  •   Print this page
  • You can manage and share your saved list in My Moxa
Let’s get that fixed

If you are concerned about a potential cybersecurity vulnerability, please contact us and one of technical support staff will get in touch with you.

Report a Vulnerability
Added To Bag