You are here

Moxa EDR-G902 and EDR-G903 Series Routers (ICSA-20-196-02) – Product Used in the Energy Sector

Moxa EDR-G902 and EDR-G903 Series Routers (ICSA-20-196-02) – Product Used in the Energy Sector

Created: Thursday, July 16, 2020 - 11:28
Categories:
Cybersecurity

CISA has published an advisory on a stack-based buffer overflow vulnerability in Moxa EDR-G902 and EDR-G903 series routers. For EDR-G902 series, firmware versions 5.4 and prior are affected. For EDR-G903, firmware versions 5.4 and prior are affected. Successful exploitation of this vulnerability could crash the device being accessed; a buffer overflow condition may allow remote code execution. Moxa recommends users implement a patch to mitigate the vulnerability. CISA also recommends a series of measures to mitigate the vulnerability. Access the advisory at CISA.