Moxa EDR-G903, EDR-G902, and EDR-810 Secure Router Vulnerability
Low Risk1edr-g903-g902-810-secure-router-vulnerabilityOct 29, 2020
Summary
A vulnerability in Moxa EDR-G903, EDR-G902, and EDR-810 Series Secure Routers allows improper restriction of operations (CWE-119, CVE-2020-28144). An attacker sending crafted requests to the device may cause it to operate outside its intended restrictions, affecting routing, filtering, or policy enforcement functions.
What this means
What could happen
An attacker sending specially crafted requests to an EDR-G903, EDR-G902, or EDR-810 router could cause the device to operate outside its intended restrictions, potentially affecting network routing or filtering functions that protect your control system network.
Who's at risk
Water utilities, electric utilities, and other critical infrastructure operators using Moxa EDR-G903, EDR-G902, or EDR-810 secure routers in their control system networks should assess this vulnerability, particularly if the routers handle traffic between control zones or provide secure remote access.
How it could be exploited
An attacker with network access to the router's management interface or data ports could send specially crafted requests that bypass operational restrictions. This could allow them to modify routing rules, disable filtering, or alter security policies on the device.
Prerequisites
- Network access to the Moxa EDR router
- Ability to send HTTP or management protocol requests to the device
remotely exploitableno patch available for EDR-G903
Exploitability
Moderate exploit probability (EPSS 2.8%)
Affected products (1)
ProductAffected VersionsFix Status
EDR-G903All versionsNo fix (EOL)
Remediation & Mitigation
0/3
Do now
0/1WORKAROUNDRestrict network access to the router's management interface using firewall rules; only allow connections from authorized engineering workstations
Schedule — requires maintenance window
0/1Patching may require device reboot — plan for process interruption
HOTFIXContact Moxa to determine if a patched firmware version is available for your router model and apply it during a maintenance window
Mitigations - no patch available
0/1EDR-G903 has reached End of Life. The vendor will not release a patch. Apply the following compensating controls:
HARDENINGImplement network segmentation to isolate the router from untrusted networks and limit which devices can send requests to it
CVEs (1)
↑↓ Navigate · Esc Close
API:
/api/v1/advisories/b2c73934-7388-41a1-a704-876f2c064f0f