Affected Products:
The affected products and firmware versions are listed below.
Product Series |
Affected Versions |
EDS-P510 Series |
Firmware version 3.11 and earlier versions |
Solutions:
Moxa has developed appropriate solutions to address vulnerability. The solutions for the affected products are listed below.
Mitigations:
Modbus/TCP Device Identification and Modbus/TCP Coil Access:
- Restrict access to Modbus ports using firewalls, limiting access to trusted IPs.
- Use network segmentation to isolate Modbus devices.
- Implement access controls for authorization on Modbus write functions and monitor traffic.
- Deploy application-layer firewalls to block unauthorized Modbus commands.
Unencrypted Telnet Server:
- Disable Telnet and use SSH for secure remote access.
- Restrict SSH access to trusted IP addresses.
Revision History:
VERSION |
DESCRIPTION |
RELEASE DATE |
1.0 |
First release |
November 8, 2024 |