Hi! Please sign in Home >  Support > Technical FAQs

Technical FAQs
Question Moxa Statement on “THE DROWN ATTACK” Vulnerability (CVE-2016-0800)
Question Type Security Advisory
Updated 9/5/2017 12:18:08 PM
Hits 1
Products
Suggestions

Moxa has verified that some of its products are impacted by the SSLv2 vulnerability, CVE-2016 –0800.  Also known as “THE DROWN ATTACK,” this vulnerability could allow data, including passwords and encryption keys, to be read from affected systems. In the short term, users should set up access control to devices to prevent any un-authorized access from those who might take advantage of the vulnerability. For a long term solution, Moxa plans to release patch firmware to affected devices as scheduled below.

Related Questions
Provide Feedback
Quality of this article
Poor                Excellent