Hi! Please sign in Home >  Support > Technical FAQs

Technical FAQs
Question NPort 5210, 5230, and 5232 Serial Device Server SYN Flood Vulnerability
Question Type Security Advisory
Updated 8/7/2018 8:24:32 PM
Hits 1
Products
Suggestions

Summary

Version: 1.0
Reference: ICSA-18-200-04

On April 9th 2018, Moxa was contacted by ICS-CERT regarding a reported security vulnerability in Moxa’s NPort 5210, 5230, and 5232 Series. The ICS-CERT advisory can be found here: https://ics-cert.us-cert.gov/advisories/ICSA-18-200-04

The reported vulnerability for these products is as follows:
Successful exploitation of this vulnerability could allow a remote attacker to send TCP SYN packages, which can result in the device becoming unavailable due to resource exhaustion

 

Affected Products and Solutions

*Affected Products

- NPort 5210, 5230, and 5232 Series with Firmware v2.9 Build 17030709 or prior

*Solutions

Moxa has addressed this vulnerability in a new firmware release for the NPort 5210, 5230, 5232 Series. You can download it from this link:
https://www.moxa.com/support/download.aspx?type=support&id=904

Revision History:

Version Description Release Date
1.0 First release August 7, 2018

 

Related Questions
Provide Feedback
Quality of this article
Poor                Excellent