OTPulse
FeedAboutContact

RISS SRL MOMA Seismic Station

Act Now9.1ICS-CERT ICSA-26-034-03Feb 3, 2026
Attack VectorNetwork
Auth RequiredNone
ComplexityLow
User InteractionNone needed
Summary

MOMA Seismic Station versions 2.4.2520 and earlier contain an authentication bypass vulnerability that allows an unauthenticated attacker to trigger a denial-of-service condition via the network. Successful exploitation results in the seismic station becoming unresponsive and unable to collect or transmit earthquake monitoring data. RISS SRL has not released a patch or responded to coordination requests from CISA.

What this means
What could happen
An attacker could cause the MOMA Seismic Station to become unavailable or stop responding, disrupting real-time seismic monitoring and alerting capabilities for earthquake early warning systems.
Who's at risk
Organizations operating earthquake early warning systems and seismic monitoring networks should prioritize this. This affects seismic stations used by geological surveys, disaster management agencies, and critical infrastructure operators (dams, power plants, hospitals) that rely on real-time earthquake detection to trigger automated protective responses.
How it could be exploited
An attacker with network access to the MOMA Seismic Station could send specially crafted requests to trigger a denial-of-service condition without needing to log in or authenticate. The device would become unresponsive, halting its ability to collect and transmit seismic data.
Prerequisites
  • Network access to MOMA Seismic Station
  • No authentication required
remotely exploitableno authentication requiredlow complexityno patch available
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (1)
ProductAffected VersionsFix Status
MOMA Seismic Station: <=v2.4.2520≤ v2.4.2520No fix (EOL)
Remediation & Mitigation
0/4
Do now
0/2
HOTFIXContact RISS SRL at info@riss-srl.com to determine if a firmware update or security patch is available for your specific MOMA Seismic Station deployment
WORKAROUNDImplement network-level access controls to restrict inbound connections to the MOMA Seismic Station to trusted monitoring and alert system servers only
Schedule — requires maintenance window
0/2

Patching may require device reboot — plan for process interruption

HARDENINGSegment the seismic monitoring network from the general corporate network and internet-facing systems to limit the device's exposure
HARDENINGMonitor the device for signs of unavailability or unresponsive behavior and establish a manual fallback procedure to notify emergency responders if the seismic station goes offline
View full CISA ICS-CERT advisory
↑↓ Navigate · Esc Close
API: /api/v1/advisories/46d7c19e-a799-4597-9c59-382fa0f7168c