← Back to home
ICSA-16-264-01  ·  Published 2025-06-09  ·  View on CISA ICS-CERT ↗

Moxa Active OPC Server Unquoted Service Path Escalation Vulnerability

CVSS 8.8 HIGH

CVEs (1)

Remediations

  • Moxa recommends replacing existing Active OPC Server installations with the new software MX-AOPC UA server. Active OPC Server is nearing end of life by the end of 2016, and no further updates will be issued.
  • For existing Active OPC installations, Moxa suggests upgrading to Active OPC Server Version 2.4.19.
  • If more information about patching is needed, Moxa recommends contacting the Moxa Technical Support team or by visiting the Moxa technical support web page at: (http://www.moxa.com/support)

Affected Vendors

Moxa

Affected Products (1)

Moxa · Active OPC Server <2.4.19

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more