A vulnerability has been found in libssh’s server-side state machine in versions 0.7.6 and 0.8.4 and prior. This vulnerability (CVE-2018-10933) is due to improper authentication operation and it allows a remote attacker to bypass authentication on the target system.
Moxa has investigated and has not found any products that are affected by these vulnerabilities.
Moxa's Cyber Security Response Team (CSRT) will keep monitoring the situation and if there are any updates to the status of the vulnerabilities and it would affect Moxa's products, an update will be provided immediately.