Affected Products:
The affected products and firmware versions are shown below.
Product Series |
Affected Versions |
NPort 5100A Series |
Firmware Version 1.5 or lower |
Solutions:
Moxa has developed appropriate solutions to address the vulnerabilities. The solutions for affected products are shown below.
Product Series |
Solutions |
NPort 5100A Series |
- Please upgrade to the latest firmware here (at least version 1.5 or higher).
- Disable “Moxa Service” under Console Setting.
- If you need to enable “Moxa Service”, please set those devices that can access NPort as whitelisted (for example, by their IP address). Then, enable “Apply additional restrictions” under the Accessible IP List configuration.
|
Acknowledgment:
We would like to express our appreciation to Maayan Fishelov from SCADAfence for reporting the vulnerability, working with us to help enhance the security of our products, and helping us provide a better service to our customers.
Revision History:
VERSION |
DESCRIPTION |
RELEASE DATE |
1.0 |
First Release |
Apr 29, 2020 |