October 24, 2019

CISA has updated this advisory with additional technical details on the affected products and mitigation measures. Read the advisory at CISA.

February 26, 2019

The NCCIC has published an advisory on numerous types of vulnerabilities in Moxa IKS, EDS. Numerous products and versions of these products are affected. Successful exploitation of these vulnerabilities could allow the reading of sensitive information, remote code execution, arbitrary configuration changes, authentication bypass, sensitive data capture, reboot of the device, device crash, or full compromise of the device. Moxa recommends users implement a series of measures to mitigate the vulnerabilities. The NCCIC also advises of a series of measures to mitigate the vulnerabilities. Read the advisory at NCCIC/ICS-CERT.