Number: AV16-161
Date: 06 October 2016
Purpose
The purpose of this advisory is to bring attention to multiple vulnerabilities in the Moxa ioLogik series of Ethernet remote I/O devices.
Assessment
Successful exploitation of this vulnerability could potentially allow an attacker to gain access to the device, change settings and data on the target device.
Versions affected: ioLogik E2210, ioLogik E2212, ioLogik E2240, ioLogik E2262, ioLogik E1262 ,ioLogik E2260, ioLogik E2242, ioLogik E2214, ioLogik E1211, ioLogik E1212, ioLogik E1241, ioLogik E1242, ioLogik E1260, ioLogik E1210, ioLogik E1214, ioLogik E1240, ioLogik E1213, ioLogik E1261W-T, ioLogik E1261H-T and ioLogik E1263H-T
Suggested Action
CCIRC recommends that system administrators test and deploy the vendor-released updates in accordance with the vendor’s documentation.