The French Computer Emergency Response Team (CERT-FR) has issued a warning regarding multiple vulnerabilities detected in Moxa products, particularly impacting Supervisory Control and Data Acquisition (SCADA) systems. The vulnerabilities pose significant risks to data integrity, security policy bypass, remote denial of service attacks, arbitrary remote code execution, and privilege escalation.
The affected systems include:
- TN-5900 series versions prior to 3.4
- TN-4900 series all versions without the latest security patch
- NPort IAW5000A-I/O series all versions without the latest security patch
These vulnerabilities could potentially allow attackers to execute arbitrary code remotely, escalate privileges, and compromise data integrity. The severity of these issues underscores the importance of prompt action to secure these systems.
Moxa has released security bulletins to address these vulnerabilities, urging users to implement the necessary patches as a priority. More information and the required fixes can be found in the provided documentation.
Users are encouraged to follow the CERT-FR advisory closely and apply the appropriate security measures to safeguard their systems against potential exploits.
For more details, refer to the provided documentation and security bulletins:
This serves as a reminder of the critical role that cybersecurity plays in safeguarding sensitive systems and data against evolving threats.