ICSA-16-308-01
·
Published 2025-06-05
·
View on CISA ICS-CERT ↗
Moxa OnCell Security Vulnerabilities
CVSS 9.1
CRITICAL
CVEs (2)
Remediations
- Moxa recommends that users disable HTTP/HTTPS after completing required configuration through web browser interface. Users can access via SNMP to enable HTTP/HTTPS if needed. If remote control or monitoring is required, users should enable “IP Protocol Filter” feature of OnCell/AWK products to prevent any unauthorized access to the administrative web management interface.
- Patches have been released for OnCellG3470A-LTE, AWK-1131A/3131A/4131A Series, AWK-3191 Series, AWK-5232/6232 Series, AWK-1121/1127 Series, WAC-1001 V2 Series, WAC-2004 Series, AWK-3121-M12-RTG Series, AWK-3131-M12-RCC Series, AWK-5232-M12-RCC Series.
- No future updates are planned for the following models: TAP-6226 Series, AWK-3121/4121 Series, AWK-3131/4131 Series, AWK-5222/6222 Series.
- Users should contact Moxa if further assistance is needed for these models at: (https://www.moxa.com/en/support/support/technical-support)
Affected Vendors
Moxa
Affected Products (14)
Moxa
·
OnCell G3470A-LTE
vers:all/*
Moxa
·
OnCell AWK-1131A/3131A/4131A Series
vers:all/*
Moxa
·
OnCell AWK-3191 Series
vers:all/*
Moxa
·
OnCell AWK-5232/6232 Series
vers:all/*
Moxa
·
OnCell AWK-1121/1127 Series
vers:all/*
Moxa
·
OnCell WAC-1001 V2 Series
vers:all/*
Moxa
·
WAC-2004 Series
vers:all/*
Moxa
·
OnCell AWK-3121-M12-RTG Series
vers:all/*
Moxa
·
OnCell AWK-3131-M12-RCC Series
vers:all/*
Moxa
·
OnCell AWK-5232-M12-RCC Series
vers:all/*
Moxa
·
OnCell TAP-6226 Series
vers:all/*
Moxa
·
OnCell AWK-3121/4121 Series
vers:all/*
Moxa
·
OnCell AWK-3131/4131 Series
vers:all/*
Moxa
·
OnCell AWK-5222/6222 Series
vers:all/*
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more