Affected Products:
The affected products and firmware versions are listed below.
Product Series |
Affected Versions |
PT-7528 Series |
Firmware version 5.0 and earlier versions |
PT-7728 Series |
Firmware version 3.9 and earlier versions |
PT-7828 Series |
Firmware version 4.0 and earlier versions |
Solutions:
Moxa has developed appropriate solutions to strengthen the security of the product. The solutions for the affected products are listed below.
Product Series |
Solutions |
PT-7528 Series |
Refer to the Mitigations |
PT-7728 Series |
Refer to the Mitigations |
PT-7828 Series |
Refer to the Mitigations |
Mitigation:
Users of PT-7528/7728/7828 Series are advised to implement the following mitigations:
-
SNMP
On page 35 of User Manuel v9.9, the NOTE states:
Community names default is "Public". To prevent DDoS attack, it should be changed instead of keeping the default name.
-
Telnet
On page 76 of User Manuel v9.9, the NOTE in Management Interface states:
3. To avoid hackers from snooping confidential information, users should adopt encryption-based communication protocols, such as HTTPS instead of HTTP, SSH instead of Telnet, and SNMPv3 instead of SNMPv1/v2c.
-
SSL Certificate
On page 79 of User Manuel v9.9, the SSL Certificate Management function enables users to import their own SSL certificates.
Revision History:
VERSION |
DESCRIPTION |
RELEASE DATE |
1.0 |
First Release |
January 9, 2025 |