[Control Systems] Moxa security advisory (AV26-509)

Serial number: AV26-509
Date: May 26, 2026

On May 26, 2026, Moxa published a security advisory to address vulnerabilities in the following products:

• UC-1200A/2200A/3400A/4400A/8600A/8200 Series – multiple versions and models
• V1200 Series – version MIL3 v1.2.0 and prior
• V3200 Series – version MIL3 v1.1 and prior
• V3400 Series – version MIL3 v1.1 and prior
• VM-1220 Series – version MIL3 v1.1.0 and prior
• ioThinx 4530 Series – version MIL3 v2.1 and prior
• AIG-302 Series – version v1.4.0 and prior
• AIG-502 Series – version v1.0.0
• BXP-A100 Series – version Debian 11 V1.0
• BXP-A101 Series – version Debian 12 V1.0
• DRP-A100 Series – version Debian 11 V1.0
• RKP-A110 Series – version Debian 11 V1.0
• RKP-C110 Series – version Debian 12 V1.0

The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.

• CVE-2026-31431, CVE-2026-43284, CVE-2026-43500: Copy Fail and Dirty Frag Vulnerabilities in Linux Kernel
• Moxa Security Advisories