"Moxa Patches MXsecurity Vulnerabilities That Could Be Exploited in OT Attacks"
Organizations using Moxa’s MXsecurity product have been informed about two potentially serious vulnerabilities that could be exploited by malicious hackers targeting operational technology (OT) networks. MXsecurity is an industrial network security management software designed for OT environments. Simon Janz, a security researcher, discovered recently that the product is impacted by a critical vulnerability that can be exploited remotely to bypass authentication (CVE-2023-33235) and a high-severity flaw in the SSH command-line interface that can lead to remote command execution (CVE-2023-33236). Moxa patched the security holes with the release of version 1.0.1. Advisories for the two bugs have been published by the US Cybersecurity and Infrastructure Security Agency (CISA), which noted that the impacted product is used worldwide in multiple sectors.