Moxa MB3xxx Series Protocol Gateways

Risk Summary

Successful exploitation of these vulnerabilities could crash the device, cause a buffer overflow, allow remote execution of arbitrary code, or allow access to sensitive information.

CVEs (8)

Remediations

• MB3170 Series: Download the new firmware.
• MB3270 Series: Download the new firmware.
• MB3180 Series: Download the new firmware. Moxa also recommends users follow below instructions to mitigate potential risks:',https://www.moxa.com/support/product-support/software-and-documentation/search?psid=56829icsa-20-056-01.json ,vendor_fix,Upgrade to the latest firmware and disable HTTP and Telnet communications.,emptyicsa-20-056-01.json,vendor_fix,Use Moxa utilities (MGate Manager NPort Administration Suite Utility) to change device configurations or monitor the device status remotely.'
• Use a VPN tunnel for a secure and protected connection between the devices and host PC.
• MB3280 Series: Download the new firmware.
• MB3480 Series: Download the new firmware.
• MB3660 Series: Download the new firmware.
• Please see Moxa's security advisory for more information.
• MB3180 Series: Download the new firmware. Moxa also recommends users follow below instructions to mitigate potential risks:',https://www.moxa.com/support/product-support/software-and-documentation/search?psid=56829icsa-20-056-01.json,vendor_fix,Upgrade to the latest firmware and disable HTTP and Telnet communications.,emptyicsa-20-056-01.json,vendor_fix,Use Moxa utilities (MGate Manager NPort Administration Suite Utility) to change device configurations or monitor the device status remotely.'

Affected Vendors

Affected Products (6)

Affected Sectors

Critical Manufacturing, Energy, Water and Wastewater Systems