Search

Find a vulnerability

Search criteria

    1 vulnerability found for EDS-4000 Series by Moxa

    CERTFR-2026-AVI-0016

    Vulnerability from certfr_avis - Published: 2026-01-09 - Updated: 2026-01-09

    Une vulnérabilité a été découverte dans les produits Moxa. Elle permet à un attaquant de provoquer une exécution de code arbitraire à distance.

    Solutions

    Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

    Impacted products
    Vendor Product Description
    Moxa EDS-4000 Series Séries EDS-G4014 versions antérieures à v4.1.58
    Moxa EDS-4000 Series Séries EDS-4012 versions antérieures à v4.1.58
    Moxa EDS-4000 Series Séries EDS-4014 versions antérieures à v4.1.58
    Moxa EDS-4000 Series Séries EDS-4009 versions antérieures à v4.1.58
    Moxa EDS-4000 Series Séries EDS-4008 versions antérieures à v4.1.58
    Moxa EDS-4000 Series Séries EDS-G4008 versions antérieures à v4.1.58
    Moxa RKS-G4000 Series RKS-G4028 versions antérieures à v5.0.4
    Moxa EDS-4000 Series Séries EDS-G4012 versions antérieures à v4.1.58
    Moxa RKS-G4000 Series RKS-G4028-L3 versions antérieures à v5.0.4
    References
    Bulletin de sécurité Moxa MPSA-256261 2026-01-09 vendor-advisory

    Show details on source website

    {
      "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
      "affected_systems": [
        {
          "description": "S\u00e9ries EDS-G4014 versions ant\u00e9rieures \u00e0 v4.1.58",
          "product": {
            "name": "EDS-4000 Series",
            "vendor": {
              "name": "Moxa",
              "scada": true
            }
          }
        },
        {
          "description": "S\u00e9ries EDS-4012 versions ant\u00e9rieures \u00e0 v4.1.58",
          "product": {
            "name": "EDS-4000 Series",
            "vendor": {
              "name": "Moxa",
              "scada": true
            }
          }
        },
        {
          "description": "S\u00e9ries EDS-4014 versions ant\u00e9rieures \u00e0 v4.1.58",
          "product": {
            "name": "EDS-4000 Series",
            "vendor": {
              "name": "Moxa",
              "scada": true
            }
          }
        },
        {
          "description": "S\u00e9ries EDS-4009 versions ant\u00e9rieures \u00e0 v4.1.58",
          "product": {
            "name": "EDS-4000 Series",
            "vendor": {
              "name": "Moxa",
              "scada": true
            }
          }
        },
        {
          "description": "S\u00e9ries EDS-4008 versions ant\u00e9rieures \u00e0 v4.1.58",
          "product": {
            "name": "EDS-4000 Series",
            "vendor": {
              "name": "Moxa",
              "scada": true
            }
          }
        },
        {
          "description": "S\u00e9ries EDS-G4008 versions ant\u00e9rieures \u00e0 v4.1.58",
          "product": {
            "name": "EDS-4000 Series",
            "vendor": {
              "name": "Moxa",
              "scada": true
            }
          }
        },
        {
          "description": "RKS-G4028 versions ant\u00e9rieures \u00e0 v5.0.4",
          "product": {
            "name": "RKS-G4000 Series",
            "vendor": {
              "name": "Moxa",
              "scada": true
            }
          }
        },
        {
          "description": "S\u00e9ries EDS-G4012 versions ant\u00e9rieures \u00e0 v4.1.58",
          "product": {
            "name": "EDS-4000 Series",
            "vendor": {
              "name": "Moxa",
              "scada": true
            }
          }
        },
        {
          "description": "RKS-G4028-L3 versions ant\u00e9rieures \u00e0 v5.0.4",
          "product": {
            "name": "RKS-G4000 Series",
            "vendor": {
              "name": "Moxa",
              "scada": true
            }
          }
        }
      ],
      "affected_systems_content": "",
      "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
      "cves": [
        {
          "name": "CVE-2023-38408",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-38408"
        }
      ],
      "initial_release_date": "2026-01-09T00:00:00",
      "last_revision_date": "2026-01-09T00:00:00",
      "links": [],
      "reference": "CERTFR-2026-AVI-0016",
      "revisions": [
        {
          "description": "Version initiale",
          "revision_date": "2026-01-09T00:00:00.000000"
        }
      ],
      "risks": [
        {
          "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
        }
      ],
      "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans les produits Moxa. Elle permet \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance.",
      "title": "Vuln\u00e9rabilit\u00e9 dans les produits Moxa",
      "vendor_advisories": [
        {
          "published_at": "2026-01-09",
          "title": "Bulletin de s\u00e9curit\u00e9 Moxa MPSA-256261",
          "url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-256261-cve-2023-38408-openssh-vulnerability-in-ethernet-switches"
        }
      ]
    }