Affected Products:
1. Improper Authentication (CVE-2022-41758)
The affected products and firmware versions are shown below.
Product Series |
Affected Versions |
TN-5916 Series |
Firmware version v3.2 or lower |
2. Improper Input Validation (CVE-2022-41759)
The affected products and firmware versions are shown below.
Product Series |
Affected Versions |
EDR-810 Series |
Firmware v5.12 or lower. |
EDR-G902 Series |
Firmware v5.7 or lower. |
EDR-G903 Series |
Firmware v5.7 or lower. |
TN-4900 Series |
Firmware v1.0. |
Solutions:
Moxa has developed appropriate solutions to address the vulnerabilities. The solutions for affected products are shown below.
Acknowledgment:
We would like to express our appreciation to Simon Janz from Code White Security for reporting the vulnerability, working with us to help enhance the security of our products, and helping us provide a better service to our customers.
Revision History:
VERSION |
DESCRIPTION |
RELEASE DATE |
1.0 |
First Release |
Nov 24, 2022 |