Moxa Nport 5210 5230 5232 (ICSA-18-200-04) – Product Used in the Energy Sector

The NCCIC has released an advisory on a resource exhaustion vulnerability in Moxa Nport 5210 5230 5232. Versions 2.9 build 17030709 and prior are affected. Successful exploitation of this vulnerability could allow a remote attacker to send TCP SYN packages, causing a resource exhaustion condition that would cause the device to become unavailable. Moxa recommends that users upgrade to the latest firmware version. The NCCIC also recommends a series of defensive measures to minimize the risk of exploitation of these vulnerabilities. NCCIC/ICS-CERT.