Moxa NPort Device Vulnerabilities

Number: AV16-199
Date: 13 December 2016


The purpose of this advisory is to bring attention to multiple vulnerabilities in Moxa NPort Devices.


Moxa NPort devices are serial to ethernet device servers and industrial controllers. This industrial grade class of device is used to control legacy serial devices on modern IP networks. They can be found in various locations including remote field locations and perform various common administrative functions. Successful exploitation of these vulnerabilities can include denial of service, authentication bypass and complete compromise of an affected system.

CVE References: CVE-2016-9361, CVE-2016-9369, CVE-2016-9363, CVE-2016-9371, CVE-2016-9365, CVE-2016-9366, CVE-2016-9348 & CVE-2016-9367

Suggested Action

CCIRC recommends that owner/operators test and deploy the vendor released updates or workarounds to affected platforms accordingly.


NPort 5110 Version 2.6:

NPort 5130/5150 Series Version 3.6:

NPort 5200 Series Version 2.8:

NPort 5400 Series Version 3.11:
NPort 5600 Series Version 3.7:

NPort 5100A Series & NPort P5150A Version 1.3:

NPort 5200A Series Version 1.3:

NPort 5150AI-M12 Series Version 1.2:

NPort 5250AI-M12 Series Version 1.2:

NPort 5450AI-M12 Series Version 1.2:

NPort 5600-8-DT Series Version 2.4:

NPort 5600-8-DTL Series Version 1.3:

NPort 6x50 Series Version 1.14:

NPort IA5450A Version 1.4:

Note to Readers

In support of Public Safety's mission to build a safe and resilient Canada, CCIRC's mandate is to help ensure the security and resilience of the vital non-federal government cyber systems that underpin Canada's national security, public safety and economic prosperity. As Canada's computer security incident response team, CCIRC is Canada's national coordination centre for the prevention and mitigation of, preparedness for, response to, and recovery from cyber incidents on non-federal government systems. It does this by providing authoritative advice and support, and coordinating information sharing and incident response.

Please note, CCIRC PGP key has recently been updated.

For general information, please contact Public Safety Canada's Public Affairs division at:

Telephone: 613-944-4875 or 1-800-830-3118
Fax: 613-998-9589

Date modified: