Affected Products
Affected products and their firmware versions are listed in the following table:
| Product Series | Affected Versions |
| --- | --- |
| EDF-G1002-BP Series | Firmware version 3.14 and earlier |
| EDR-810 Series | Firmware version 5.12.39 and earlier |
| EDR-8010 Series | Firmware version 3.14 and earlier |
| EDR-G9004 Series | Firmware version 3.14 and earlier |
| EDR-G9010 Series | Firmware version 3.14 and earlier |
| NAT-102 Series | Firmware version 3.15 and earlier |
| OnCell G4302-LTE4 Series | Firmware version 3.14 and earlier |
| TN-4900 Series | Firmware version 3.14 and earlier |
Products That Are Not Vulnerable
Only the products listed in the Affected Products section of this advisory are known to be affected by these vulnerabilities. Moxa has confirmed that these vulnerabilities do not affect the following products:
- TN-5900 Series with firmware version 4.0 and earlier.
- MRC-1002 Series with firmware version 3.3 and earlier.
- EDR-G902 Series and EDR-G903 Series with firmware version 5.7.27 and earlier.
- OnCell 3120-LTE-1 Series with firmware version 2.3 and earlier.
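The two lists above can be applied to a device inventory mechanically. The following is an added example, not code from Moxa or this advisory: the series names and version bounds are copied from the lists above, while the result labels, the inventory rows, and the assumption that your inventory records the series name without the word "Series" are constructed for illustration. Versions are compared numerically per component, because a plain string comparison would rank 3.9 above 3.14.

```python
# Series names and version bounds come from the advisory's two lists.
AFFECTED_MAX = {  # highest firmware version listed as affected
    "EDF-G1002-BP": "3.14", "EDR-810": "5.12.39", "EDR-8010": "3.14",
    "EDR-G9004": "3.14", "EDR-G9010": "3.14", "NAT-102": "3.15",
    "OnCell G4302-LTE4": "3.14", "TN-4900": "3.14",
}
CONFIRMED_SAFE_MAX = {  # highest version Moxa confirms as not affected
    "TN-5900": "4.0", "MRC-1002": "3.3", "EDR-G902": "5.7.27",
    "EDR-G903": "5.7.27", "OnCell 3120-LTE-1": "2.3",
}


def parse_version(text):
    """Turn '5.12.39' into (5, 12, 39); raises ValueError on non-numeric parts."""
    return tuple(int(part) for part in text.strip().lstrip("vV").split("."))


def _at_most(version, bound):
    """True if version <= bound, padding the shorter one with zeros."""
    a, b = parse_version(version), parse_version(bound)
    width = max(len(a), len(b))
    a += (0,) * (width - len(a))
    b += (0,) * (width - len(b))
    return a <= b


def classify(series, version):
    """Return 'affected', 'confirmed_not_affected', or 'not_covered'."""
    if series in AFFECTED_MAX and _at_most(version, AFFECTED_MAX[series]):
        return "affected"
    if series in CONFIRMED_SAFE_MAX and _at_most(version, CONFIRMED_SAFE_MAX[series]):
        return "confirmed_not_affected"
    # The advisory makes no statement about this series/version combination.
    return "not_covered"


# Constructed sample inventory: (hostname, series, firmware version).
INVENTORY = [
    ("rtr-01", "EDR-810", "5.12.9"),
    ("rtr-02", "EDR-G9010", "3.9"),
    ("nat-01", "NAT-102", "3.16"),
    ("rtr-03", "EDR-G903", "5.7.27"),
]

if __name__ == "__main__":
    for host, series, version in INVENTORY:
        print(f"{host:8} {series:18} {version:8} {classify(series, version)}")
```

A `not_covered` result means only that the advisory does not mention that combination; it is not a statement that the device is patched.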
Solutions
Moxa has developed appropriate solutions to address the vulnerability. The solutions for the affected products are listed below.
Mitigations
To mitigate the risks associated with this vulnerability, we recommend the following action:
- Refer to the General Security Recommendations section to further strengthen your security posture.
General Security Recommendations
To safeguard devices and networks, we recommend implementing the following recommendations to mitigate potential risks:
- Restrict Network Access
  - Use firewalls or access control lists (ACLs) to limit communication to trusted IP addresses and networks.
  - Segregate operational networks from other networks (e.g., enterprise networks) using VLANs or physical separation.
- Minimize Exposure
  - Avoid exposing devices directly to the Internet.
  - Disable unused network services and ports to reduce the attack surface.
- Enhance Device Authentication and Access Control
  - Implement multi-factor authentication (MFA) for accessing critical systems.
  - Use role-based access control (RBAC) to enforce the principle of least privilege.
- Regularly Update Firmware and Software
  - Keep devices updated with the latest firmware versions and security patches.
  - Establish a regular patch management schedule to address newly identified vulnerabilities.
- Secure Remote Access
  - Use encrypted communication protocols (e.g., VPN, SSH) for remote access.
  - Restrict remote access to authorized personnel only and enforce strong authentication mechanisms.
- Implement Anomaly Detection Techniques
  - Monitor network traffic and device behavior for unusual or unauthorized activities.
  - Use tools or techniques that can identify anomalies and provide alerts for potential threats.
- Implement Logging and Monitoring
  - Enable event logging and maintain audit trails on devices.
  - Regularly review logs for anomalies and unauthorized access attempts.
- Conduct Regular Security Assessments
  - Perform vulnerability assessments to identify potential risks.
  - Regularly review device configurations to ensure compliance with security policies.
Acknowledgement
We would like to express our gratitude to Rex Weng from Moxa's Product Security Center for reporting the vulnerability, collaborating with us to enhance the security of our products, and contributing to our efforts to deliver a better service to our customers.
Revision History:
| VERSION | DESCRIPTION | RELEASE DATE |
| --- | --- | --- |
| 1.0 | First release | April 2, 2025 |
| 1.1 | Updated the Affected Products and Solutions for the NAT-102 Series | April 3, 2025 |