CVE-2019-19707
Description
On Moxa EDS-G508E, EDS-G512E, and EDS-G516E devices (with firmware through 6.0), denial of service can occur via PROFINET DCE-RPC endpoint discovery packets.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Denial of service in Moxa EDS-G508E, G512E, G516E switches via PROFINET DCE-RPC packets can cause device out of service.
Vulnerability
The vulnerability resides in the PROFINET DCE-RPC endpoint discovery packet handling of Moxa EDS-G508E, EDS-G512E, and EDS-G516E series Ethernet switches running firmware version 6.0 or lower [1]. An attacker can trigger a denial of service condition by sending specially crafted PROFINET DCE-RPC endpoint discovery packets to the device.
Exploitation
An attacker with network access to the target switch can send PROFINET DCE-RPC endpoint discovery packets without authentication [1]. The attacker does not require any special privileges or user interaction. Sending these packets causes the device to go out of service.
Impact
Successful exploitation leads to a denial of service condition, rendering the switch unresponsive and disrupting network operations [1]. The device may require manual intervention to recover.
Mitigation
Moxa has developed a security patch for the affected products. Users should contact Moxa Technical Support to obtain the patch [1]. There is no workaround disclosed in the available references. Until the patch is applied, affected devices remain vulnerable.
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
4- Moxa/EDS-G508E, EDS-G512E, and EDS-G516E devicesdescription
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1News mentions
0No linked articles in our index yet.