Product support

Security Advisories

SUMMARY

VPort 461 Series Industrial Video Servers Vulnerabilities

  • Version: V1.0
  • Release Date: Jun 08, 2020
  • Reference:
    • CVE-2020-23639

A product vulnerability was identified in Moxa’s VPort 461 Series Industrial Video Servers. In response to this, Moxa has developed a related solution to address the vulnerability.

The identified vulnerability types and potential impact is shown below:

Item Vulnerability Type Impact
1

Command Injection. CVE-2020-23639

A command injection vulnerability exists in the device that could allow a remote attacker to execute arbitrary commands.
AFFECTED PRODUCTS AND SOLUTIONS

Affected Products:

The affected product and firmware version is shown below.

Product Series Affected Versions
VPort 461 Series Firmware Version 3.4 or lower

 

Solutions:

Moxa has developed an appropriate solution to address the vulnerability, which is shown below.

Product Series Solutions
VPort 461 Series This product has been phased out,please contact Moxa Technical Support for assistance to receive a patch.

Acknowledgment:

We would like to express our appreciation to Xinjie Ma from Beijing Chaitin Future Technology Co.,Ltd for reporting the vulnerability, working with us to help enhance the security of our products, and helping us provide a better service to our customers.
 

Revision History:

VERSION DESCRIPTION RELEASE DATE
1.0 First Release Jun 08, 2020

Relevant Products

VPort 461 Series ·

  •   Print this page
  • You can manage and share your saved list in My Moxa
Let’s get that fixed

If you are concerned about a potential cybersecurity vulnerability, please contact us and one of technical support staff will get in touch with you.

Report a Vulnerability
Added To Bag
Feedback