Product support

Security Advisories

SUMMARY

Moxa’s Response Regarding SSLv2 Vulnerabilities (DROWN, CVE-2016-0800)

  • Version: V1.0
  • Release Date: Mar 31, 2016
  • Reference:
    • CVE-2018-0800

Moxa has verified that some of its products are impacted by the SSLv2 vulnerability, CVE-2016-0800. Also known as “DROWN” vulnerability, this vulnerability could allow data, including passwords and encryption keys, to be read from affected systems.

Moxa's Cyber Security Response Team (CSRT) is fully engaged in this matter and we are taking appropriate action. If there are any updates to the status of the vulnerabilities or how these affect Moxa's products, we will provide an update immediately.

AFFECTED PRODUCTS AND SOLUTIONS

Affected Products:

The affected products and firmware versions are shown below.

Product Category Product Series Affected Versions
Controllers and I/Os ioPAC8500 Series Firmware Version 1.9 or lower
ioPAC8500-IEC Series Firmware Edition 1.4 or lower
ioPAC8600 Series Firmware Edition 1.2 or lower
ioPAC8600-IEC Series Firmware Edition 1.2 or lower
ioLogik 2500 Series Firmware Edition 2.1 or lower
Protocol Gateways MGate 5101-PBM-MN Series Firmware Edition 1.1 or lower
MGate 5102-PBM-PN Firmware Edition 1.2 or lower
MGate 5105-MB-EIP Firmware Edition 1.1 or lower
Serial Device Servers NPort W2150A/W2250A Series Firmware Edition 1.9 or lower
MiiNePort W1 Series Firmware Edition 1.1 or lower
NPort S8000 Firmware Edition 1.5 or lower
NPort 6100/6200 Series Firmware Edition 1.13 or lower
NPort 6400/6600 Series Firmware Edition 1.13 or lower
Ethernet Switches










 
EDS-505A Series Firmware Edition 3.4 or lower
EDS-508A Series Firmware Edition 3.4 or lower
EDS-510A Series Firmware Edition 3.4 or lower
EDS-516A Series Firmware Edition 3.4 or lower
EDS-518A Series Firmware Edition 3.4 or lower
EDS-510E Series Firmware Edition 4.1 or lower
EDS-518E Series Firmware Edition 4.1 or lower
EDS-G508E Series Firmware Edition 4.2 or lower
EDS-G512E Series Firmware Edition 4.2 or lower
EDS-G516E Series Firmware Edition 4.2 or lower
IKS-6726A Series Firmware Edition 4.1 or lower
IKS-6728A Series Firmware Edition 4.1 or lower
IKS-G6524A Series Firmware Edition 4.2 or lower
ICS-G7526A Series Firmware Edition 4.2 or lower
ICS-G7528A Series Firmware Edition 4.2 or lower
ICS-G7748A Series Firmware Edition 4.2 or lower
ICS-G7750A Series    Firmware Edition 4.2 or lower
ICS-G7752A Series Firmware Edition 4.2 or lower
IKS-G6824A Series Firmware Edition 4.5 or lower
ICS-G7826A Series Firmware Edition 4.5 or lower
ICS-G7828A Series Firmware Edition 4.5 or lower
ICS-G7848A Series Firmware Edition 4.5 or lower
ICS-G7850A Series Firmware Edition 4.5 or lower
ICS-G7852A Series Firmware Edition 4.5 or lower
IEX-402 Series (VDSL2 models) Firmware Edition 2.0 or lower
IEX-402 Series (SHDSL models) Firmware Edition 1.0 or lower
PT-508 Series Firmware Edition 3.8 or lower
PT-510 Series Firmware Edition 3.8 or lower
PT-G503 Series Firmware Edition 3.8 or lower
PT-7710 Series Firmware Edition 3.8 or lower
PT-7728 Series Firmware Edition 3.8 or lower
PT-7728 Series (PTP models) Firmware Edition 3.6 or lower
PT-7828 Series Firmware Edition 3.8 or lower
PT-G7509 Series Firmware Edition 3.8 or lower
PT-G7728 Series Firmware Edition 3.8 or lower
PT-G7828 Series Firmware Edition 3.8 or lower
PT-7528 Series Firmware Edition 4.0 or lower
TN-4500A Series Firmware Edition 3.2 or lower
TN-5500A Series (5508A/5510A models) Firmware Edition 3.6 or lower
TN-5500A Series (5516A/5518A models) Firmware Edition 3.7 or lower
TN-5800A Series Firmware Edition 3.5 or lower
TN-5916Series Firmware Edition 1.2 or lower
x86 Computers V2201 Series (Linux) Firmware Edition 1.1 or lower
Arm-based Computers DA-660A Series Firmware Edition 1.1 or lower
IA240 Series Firmware Edition 1.6 or lower
IA260 Series (LX models) Firmware Edition 1.1 or lower
IA261-I/IA262_I Series (LX models) Firmware Edition 1.1 or lower
UC-7100 Series (LX Plus model) Firmware Edition 1.4 or lower
UC-8410 Series (-LX models) Firmware Edition 2.1 or lower
UC-8416 Series (LX models) Firmware Edition 2.1 or lower
UC-8418 Series (LX models) Firmware Edition 2.1 or lower
UC-8430 Series (LX models) Firmware Edition 2.1 or lower
UC-8481 Series (LX models) Firmware Edition 1.4 or lower
UC-8100-Series Firmware Edition 1.3 or lower
UC-8410A-Series Firmware Edition 1.0 or lower
EM-2260 Series (LX models) Firmware Edition 1.1 or lower

 

Solutions:

Moxa has developed appropriate solutions to address the vulnerabilities. The solutions for affected products are shown below.

Product Category Product Series Affected Versions
Controllers and I/Os ioPAC8500 Series Please contact Moxa Technical Support for assistance.
ioPAC8500-IEC Series Please contact Moxa Technical Support for assistance.
ioPAC8600 Series Please contact Moxa Technical Support for assistance.
ioPAC8600-IEC Series Please contact Moxa Technical Support for assistance.
ioLogik 2500 Series Please download new firmware here.
Protocol Gateways MGate 5101-PBM-MN Series Please download new firmware here.
MGate 5102-PBM-PN Please download new firmware here.
MGate 5105-MB-EIP Please download new firmware here.
Serial Device Servers NPort W2150A/W2250A Series Please download new firmware here.
MiiNePort W1 Series Please download new firmware here.
NPort S8000 Please download new firmware here.
NPort 6100/6200 Series Please download new firmware here.
NPort 6400/6600 Series Please download new firmware here.
Ethernet Switches










 
EDS-505A Series Please download new firmware here.
EDS-508A Series Please download new firmware here.
EDS-510A Series Please download new firmware here.
EDS-516A Series Please download new firmware here.
EDS-518A Series Please download new firmware here.
EDS-510E Series Please download new firmware here.
EDS-518E Series Please download new firmware here.
EDS-G508E Series Please download new firmware here.
EDS-G512E Series Please download new firmware here.
EDS-G516E Series Please download new firmware here.
IKS-6726A Series Please download new firmware here.
IKS-6728A Series Please download new firmware here.
IKS-G6524A Series Please download new firmware here.
ICS-G7526A Series Please download new firmware here.
ICS-G7528A Series Please download new firmware here.
ICS-G7748A Series Please download new firmware here.
ICS-G7750A Series    Please download new firmware here.
ICS-G7752A Series Please download new firmware here.
IKS-G6824A Series Please download new firmware here.
ICS-G7826A Series Please download new firmware here.
ICS-G7828A Series Please download new firmware here.
ICS-G7848A Series Please download new firmware here.
ICS-G7850A Series Please download new firmware here.
ICS-G7852A Series Please download new firmware here.
IEX-402 Series (VDSL2 models) Please contact Moxa Technical Support for assistance.
IEX-402 Series (SHDSL models) Please contact Moxa Technical Support for assistance.
PT-508 Series Please contact Moxa Technical Support for assistance.
PT-510 Series Please contact Moxa Technical Support for assistance.
PT-G503 Series Please contact Moxa Technical Support for assistance.
PT-7710 Series Please contact Moxa Technical Support for assistance.
PT-7728 Series Please contact Moxa Technical Support for assistance.
PT-7728 Series (PTP models) Please contact Moxa Technical Support for assistance.
PT-7828 Series Please contact Moxa Technical Support for assistance.
PT-G7509 Series Please contact Moxa Technical Support for assistance.
PT-G7728 Series Please contact Moxa Technical Support for assistance.
PT-G7828 Series Please contact Moxa Technical Support for assistance.
PT-7528 Series Please contact Moxa Technical Support for assistance.
TN-4500A Series Please download new firmware here.
TN-5500A Series (5508A/5510A models) Please contact Moxa Technical Support for assistance.
TN-5500A Series (5516A/5518A models) Please contact Moxa Technical Support for assistance.
TN-5800A Series Please contact Moxa Technical Support for assistance.
TN-5916Series Please contact Moxa Technical Support for assistance.
x86 Computers V2201 Series (Linux) Please contact Moxa Technical Support for assistance.
Arm-based Computers DA-660A Series Please download new firmware here.
IA240 Series Please download new firmware here.
IA260 Series (LX models) Please contact Moxa Technical Support for assistance.
IA261-I/IA262_I Series (LX models) Please contact Moxa Technical Support for assistance.
UC-7100 Series (LX Plus model) Please download new firmware here.
UC-8410 Series (-LX models) This product has been phased out, please contact Moxa Technical Support for assistance.
UC-8416 Series (LX models) This product has been phased out, please contact Moxa Technical Support for assistance.
UC-8418 Series (LX models) This product has been phased out, please contact Moxa Technical Support for assistance.
UC-8430 Series (LX models) This product has been phased out, please contact Moxa Technical Support for assistance.
UC-8481 Series (LX models) This product has been phased out, please contact Moxa Technical Support for assistance.
UC-8100-Series Please download new firmware here.
UC-8410A-Series Please download new firmware here.
EM-2260 Series (LX models) Please contact Moxa Technical Support for assistance.

 

Revision History:

 

VERSION DESCRIPTION RELEASE DATE
1.0 First Release Mar 31, 2016

Relevant Products

DA-660A Series · EDS-505A Series · EDS-508A Series · EDS-510A Series · EDS-510E Series · EDS-516A Series · EDS-518A Series · EDS-518E Series · EDS-G508E Series · EDS-G512E Series · EDS-G516E Series · EM-2260 Series · IA240 Series · IA260 Series · IA261-I/IA262-I Series · ICS-G7526A Series · ICS-G7528A Series · ICS-G7748A Series · ICS-G7750A Series · ICS-G7826A Series · ICS-G7828A Series · ICS-G7848A Series · ICS-G7850A Series · ICS-G7852A Series · IEX-402 Series · IKS-6726A Series · IKS-6728A Series · IKS-G6524A Series · IKS-G6824A Series · ioPAC 8500 Series · ioPAC 8600 Series · MGate 5101-PBM-MN Series · MGate 5102-PBM-PN Series · MGate 5105-MB-EIP Series · MiiNePort W1 Series · NPort 6100/6200 Series · NPort 6400/6600 Series · NPort S8000 Series · NPort W2150A/W2250A Series · PT-508 Series · PT-510 Series · PT-7528 Series · PT-7710 Series · PT-7728 Series · PT-7828 Series · PT-G503 Series · PT-G7509 Series · PT-G7728 Series · PT-G7828 Series · TN-4500A Series · TN-5500A Series · TN-5800A Series · TN-5900 Series · UC-7100 Series · UC-8100 Series · UC-8410 Series · UC-8410A Series · UC-8416/8418 Series · UC-8430 Series · UC-8481 Series · V2201 Series ·

  •   Print this page
  • You can manage and share your saved list in My Moxa
Let’s get that fixed

If you are concerned about a potential cybersecurity vulnerability, please contact us and one of technical support staff will get in touch with you.

Report a Vulnerability
Added To Bag
Feedback