Security Enhancement: SSH Known Hard Coded Private Keys

Published: October 9, 2025

This Alert Is From MOXA

As Industrial IoT (IIoT) adoption continues to proliferate, cybersecurity has become one of the top priorities. The Moxa Product Security Incident Response Team (PSIRT) takes a proactive approach to protect products from cybersecurity vulnerabilities. Moxa PSIRT investigates all reports of vulnerabilities that could potentially affect Moxa products. Moxa created a vulnerability management policy to provide guidance and information to our customers in the event of a reported vulnerability. The management policy ensures that Moxa’s customers have steady, unambiguous resources to help them understand how Moxa resolves or mitigates reported vulnerabilities. For any queries, please email [email protected].

The product is running a service that is using a publicly known SSH private key. An attacker may use this key to decrypt intercepted traffic between users and the device. A remote attacker can also perform a man-in-the-middle attack in order to gain access to the system or modify data in transit.

(Source: Tenable Nessus)

To enhance the security of the product, users should implement appropriate mitigations or solutions to avoid potential security issue.

This alert has come from: https://www.moxa.com/en/support/product-support/security-advisory/mpsa-251372-security-enhancement-ssh-known-hard-coded-private-keys

Security Enhancement: SSH Known Hard Coded Private Keys

This Alert Is From MOXA

Cookie Consent

Necessary Cookies

Analytics Cookies

Marketing Cookies