Product support

Security Advisories

SUMMARY

NPort IA5450A Series Serial Device Servers Vulnerability

  • Version: V1.0
  • Release Date: Aug 12, 2019

A product vulnerability was identified in Moxa’s NPort IA5450A Series Serial Device Servers. In response to this, Moxa has developed a solution to address the vulnerability

The identified vulnerability type and potential impact is shown below:

Item Vulnerability Type Impact
1 Information Leak / Disclosure An attacker may be able to exploit a flaw in the handling of Ethernet frame padding that may allow information to be exposed.
AFFECTED PRODUCTS AND SOLUTIONS

Affected Products:

The affected product and firmware versions are shown below.

oduct Series Affected Versions
NPort IA5450A Series Firmware Version 1.5 or lower

 

Solutions:

Moxa has developed appropriate solution to address the vulnerability. The solution for affected product is shown below.

Product Series Solutions
NPort IA5450A Series Please download the new firmware/software here.

 

Acknowledgment:

We would like to express our appreciation to Bryan Peloquin from American Systems Corporation for reporting the vulnerability, working with us to help enhance the security of our products, and helping us provide a better service to our customers.

 

Revision History:

VERSION DESCRIPTION RELEASE DATE
1.0 First Release Aug 12, 2019

Relevant Products

NPort IA5000A Series ·

  •   Print this page
  • You can manage and share your saved list in My Moxa
Let’s get that fixed

If you are concerned about a potential cybersecurity vulnerability, please contact us and one of technical support staff will get in touch with you.

Report a Vulnerability
Added To Bag