Moxa NPort Device Vulnerabilities

Found by me and honeypots | 12/2/2016
Please note that ICS-CERT has released a new advisory regarding Moxa’s NPort serial device servers.

https://ics-cert.us-cert.gov/advisories/ICSA-16-336-02
 
I happens to have found one of the vulnerabilities, and I would recommend assets owners (and everyone else) who have the affected devices to have the firmware updated at your earliest convenience.

Moxa has released new firmware versions, which address the identified vulnerabilities in all but one of the affected NPort devices. Moxa recommends installing the new firmware version - further details can be found at the ICS-CERT advisory