Hi! Please sign in Home >  Support > Technical FAQs

Technical FAQs
Question Moxa Statement on ICS-VU-767564 Regarding Moxa OnCell
Question Type Security Advisory
Updated 9/5/2017 12:18:34 PM
Hits 1
Products AWK-6222 Series,AWK-3121 Series,AWK-4121,AWK-5222 Series,WAC-1001,AWK-3131 Series,AWK-4131 Series,AWK-5232 Series,AWK-6232 Series,AWK-3131-M12-RCC Series,AWK-3121-RTG Series,AWK-1131A Series,AWK-3191 Series,TAP-6226 Series,WAC-2004,AWK-5232-M12-RCC Series,OnCell G3470A-LTE Series,AWK-3131A Series,AWK-4131A Series

On August 12th 2016, Moxa was contacted by ICS-CERT regarding reported security vulnerabilities of the Moxa OnCell G3470A-LTE. The two reported vulnerabilities in these products are:

Item Vulnerability Type Impact
1 Authorization bypass Unauthorized users could download log files and SNMP MIB files by accessing a specific URL.
2 Disclosed OS command Authenticated admins or users are able to execute arbitrary commands by web console.

Suggested Mitigation

Moxa recommends that customers should disable HTTP/HTTPS after completing required configuration through the web browser interface. Customers can access the device via SNMP to enable HTTP/HTTPS if needed again in the future. If remote control or monitoring is required, customers should enable the “IP Protocol Filter” feature of OnCell/AWK products to prevent any unauthorized access to the administrative web management interface.

Affected Products and Solution Patch Plan

Moxa conducted its own investigation of this vulnerability and found the same vulnerability in other products. The product status and patch plan are listed in the table below.

Product Series Affected Firmware Update Release Notes
OnCellG3470A-LTE November 1st , 2016
AWK-1131A/3131A/4131A Series
AWK-3191 Series May 31st , 2017 Beta patch firmware available on request (LT: 2 weeks) (Beta patch ready: Oct. 1st, 2016)
AWK-5232/6232 Series
AWK-1121/1127 Series June 30th , 2017
WAC-1001 V2 Series
WAC-2004 Series
AWK-3121-M12-RTG Series
AWK-3131-M12-RCC Series
AWK-5232-M12-RCC Series
TAP-6226 Series
AWK-3121/4121 Series N/A These models will be discontinued by Moxa in April 2017. Please contact Moxa if further assistance needed for these models.
AWK-3131/4131 Series
AWK-5222/6222 Series

For any urgent needs, please contact Moxa Technical Support to get the fixed beta firmware.

Related Questions
Provide Feedback
Quality of this article
Poor                Excellent