Nport 6000 Series
Monthly
Serial device servers in the Moxa NPort 6000 and CN2600 product lines expose a command port that accepts break signal commands without verifying the sender holds a valid associated data port session. Remote unauthenticated attackers with network access to the command port can disrupt active serial communication sessions, causing a denial of service for any device or system relying on that serial link. No public exploit has been identified at time of analysis, and the vulnerability has not been added to the CISA KEV catalog.
Serial device servers in the Moxa NPort 6000 and CN2600 product lines expose a command port that accepts break signal commands without verifying the sender holds a valid associated data port session. Remote unauthenticated attackers with network access to the command port can disrupt active serial communication sessions, causing a denial of service for any device or system relying on that serial link. No public exploit has been identified at time of analysis, and the vulnerability has not been added to the CISA KEV catalog.