Hi! Please sign in Home >  Support > Technical FAQs

Technical FAQs
Question Moxa’s Statement Regarding ICSA-18-011-02 on MXview Vulnerability
Question Type Security Advisory
Updated 3/13/2018 11:50:05 AM
Hits 1
Products MXview
Suggestions

Background

In December 2017, Moxa was contacted by ICS-CERT regarding reported security vulnerabilities of the MOXA MXview Network Management Software.
The ICS-CERT advisory can be seen here: https://ics-cert.us-cert.gov/advisories/ICSA-18-011-02

The reported vulnerabilities for these products are:

Item Vulnerability Type Impact
1 UNQUOTED SEARCH PATH OR ELEMENT The unquoted service path escalation vulnerability could allow an authorized user with file access to escalate privileges by inserting arbitrary code into the unquoted service path.

 

Affected Products and Solutions

  • MXview v2.8 or prior

 

Fixes

Affected Product Fix
MXview

Moxa has addressed these vulnerabilities in a new software version. You can download it from this link: https://www.moxa.com/support/sarch_result.aspx?prod_id=622&type_id=6&type=soft

 


Revision History:

Version Description Release Date
1.0 First release March 12, 2018

 

Related Questions
Provide Feedback
Quality of this article
Poor                Excellent