Product support

Security Advisories

SUMMARY

EDR-G902 Series and EDR-G903 Series Secure Routers Vulnerabilities

  • Version: V1.0
  • Release Date: Jun 15, 2020
  • Reference:
    • N/A

A product vulnerability was identified in Moxa’s EDR-G902 Series and EDR-G903 Series Secure Routers. In response to this, Moxa has developed related solutions to address this vulnerability.

The identified vulnerability types and potential impacts are shown below:

Item Vulnerability Type Impact
1 Stack buffer overflow Malicious operation of the crafted web browser cookie may cause stack buffer overflow in the system web server of the EDR-G902 Series and EDR-G903 Series.
AFFECTED PRODUCTS AND SOLUTIONS

Affected Products:

The affected products and firmware versions are shown below.

Product Series Affected Versions
EDR-G902 Series Firmware Version 5.4 or lower
EDR-G903 Series Firmware Version 5.4 or lower

 

Solutions:

Moxa has developed appropriate solutions to address the vulnerabilities. The solutions for affected products are shown below.

Product Series Solutions
EDR-G902 Series Please download the new firmware here.
EDR-G903 Series Please download the new firmware here.

Acknowledgment:

We would like to express our appreciation to Tal Keren from Claroty for reporting the vulnerability, working with us to help enhance the security of our products, and helping us provide a better service to our customers.
 

Revision History:

VERSION DESCRIPTION RELEASE DATE
1.0 First Release Jun 15, 2020

Relevant Products

EDR-G902 Series · EDR-G903 Series ·

  •   Print this page
  • You can manage and share your saved list in My Moxa
Let’s get that fixed

If you are concerned about a potential cybersecurity vulnerability, please contact us and one of technical support staff will get in touch with you.

Report a Vulnerability
Added To Bag