Affected Products:
The affected products and firmware versions are shown below.
Product Series |
Affected Versions |
EDR-G902 Series |
Firmware Version 5.4 or lower |
EDR-G903 Series |
Firmware Version 5.4 or lower |
Solutions:
Moxa has developed appropriate solutions to address the vulnerabilities. The solutions for affected products are shown below.
Product Series |
Solutions |
EDR-G902 Series |
Please download the new firmware here. |
EDR-G903 Series |
Please download the new firmware here. |
Acknowledgment:
We would like to express our appreciation to Tal Keren from Claroty for reporting the vulnerability, working with us to help enhance the security of our products, and helping us provide a better service to our customers.
Revision History:
VERSION |
DESCRIPTION |
RELEASE DATE |
1.0 |
First Release |
Jun 15, 2020 |
1.1 |
Added the reference information that includes CVE-ID, CWE and ICS-CERT's security advisory |
Jul 16, 2020 |