CISA has published an advisory on improper access control, use of hard-coded cryptographic key, os command injection, use of hard-coded credentials, classic buffer overflow, out-of-bounds read, stack-based buffer overflow, improper access control, and authentication bypass using an alternate path or channel vulnerabilities in Moxa AWK-3131A. Versions 1.13 and prior are affected. Successful exploitation of these vulnerabilities could allow an attacker to gain control of the device and remotely execute arbitrary code. Moxa has created a security patch to mitigate these vulnerabilities. CISA also recommends a series of measures to mitigate the vulnerabilities. Read the advisory at CISA.