23 July 2018
Dangerous vulnerability fixed in Moxa NPort serial network interface devices
Moxa has fixed a dangerous vulnerability in NPort 5210, 5230 and 5232 serial network interface devices. A remote attacker could exploit the vulnerability by sending specially crafted SYN packets to cause a resource exhaustion condition and render the device unavailable.
The vulnerability affects devices with firmware versions 2.9 build 17030709 and prior.
The problem is due to uncontrolled resource consumption (CVE-2018-10632). A CVSS v.3 base score of 7.5 has been calculated for the vulnerability.
To fix this issue, updating the firmware of affected devices to the latest version is recommended.