

Ethical Hacking News

Moxa Warns of Critical Vulnerabilities in Cellular and Secure Routers



Moxa has issued warnings about two critical vulnerabilities in its cellular and secure routers. These vulnerabilities, identified by security researcher Lars Haulin, pose significant risks to the security and integrity of devices and networks that rely on Moxa's products. The affected devices include the EDR-810 Series, EDR-8010 Series, EDR-G902 Series, among others. Firmware updates are available for most affected models.



  • Moxa has warned of two high-severity vulnerabilities impacting its cellular routers, secure routers, and network security appliances.
  • CVE-2024-9138 is a hard-coded credentials vulnerability with a CVSS score of 8.6.
  • CVE-2024-9140 allows attackers to exploit special characters to bypass input restrictions.
  • Moxa's products that are affected by these vulnerabilities include multiple series and models.
  • Patches have been made available for affected devices through firmware upgrades to version 3.14 or later.
  • Users should not expose their devices to the internet, limit SSH access, and implement measures to detect and prevent exploitation attempts.



    In a recent alert, Taiwan-based Moxa has warned of two high-severity vulnerabilities impacting its cellular routers, secure routers, and network security appliances. These vulnerabilities, identified by security researcher Lars Haulin, pose significant risks to the security and integrity of devices and networks that rely on Moxa's products.

    The first vulnerability, CVE-2024-9138, is classified as a hard-coded credentials vulnerability with a CVSS score of 8.6. This means that an authenticated user could potentially escalate privileges and gain root-level access to the system, leading to serious consequences such as system compromise, unauthorized modifications, data exposure, or service disruption.

    The second vulnerability, CVE-2024-9140, allows attackers to exploit special characters to bypass input restrictions, potentially leading to unauthorized command execution. This vulnerability has a CVSS score of 9.3, indicating its high impact and severity.

    Moxa's products that are affected by these vulnerabilities include the EDR-810 Series, EDR-8010 Series, EDR-G902 Series, EDR-G903 Series, EDR-G9004 Series, EDR-G9010 Series, EDF-G1002-BP Series, NAT-102 Series, OnCell G4302-LTE4 Series, and TN-4900 Series. Firmware versions 5.12.37 and earlier for the EDR-810 Series, firmware version 3.13.1 and earlier for the EDR-8010 Series, and firmware version 5.7.25 and earlier for the EDR-G902 Series are affected.

    Fortunately, patches have been made available for affected devices. Users of Moxa's products can upgrade their firmware to versions 3.14 or later for the EDR-810 Series, 3.14 or later for the EDR-8010 Series, and 3.14 or later for the EDR-G902 Series. Similarly, users of the EDR-G903 Series, EDR-G9004 Series, EDR-G9010 Series, EDF-G1002-BP Series, NAT-102 Series, OnCell G4302-LTE4 Series, and TN-4900 Series can upgrade their firmware to version 3.14 or later.
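
    An inventory check built from the version ceilings quoted above, as an added example that is not from Moxa or the original article: it flags devices at or below the stated affected versions and returns `check-advisory` for series the article names without a ceiling. The hostnames, model suffixes and firmware strings in the inventory are constructed.

```python
import re

# Affected-firmware ceilings exactly as stated in the article ("X and earlier").
AFFECTED_MAX = {
    "EDR-810": (5, 12, 37),
    "EDR-8010": (3, 13, 1),
    "EDR-G902": (5, 7, 25),
}
# Series the article names as affected without giving a version ceiling.
NO_CEILING_GIVEN = ("EDR-G903", "EDR-G9004", "EDR-G9010", "EDF-G1002-BP",
                    "NAT-102", "OnCell G4302-LTE4", "TN-4900")

def parse_version(text):
    """Turn 'v5.12.37' or '3.13' into a comparable tuple; None if unparseable."""
    m = re.fullmatch(r"[vV]?(\d+(?:\.\d+)*)", text.strip())
    return tuple(int(p) for p in m.group(1).split(".")) if m else None

def series_of(model):
    """Longest-prefix match so a model is never filed under a shorter series name."""
    names = list(AFFECTED_MAX) + list(NO_CEILING_GIVEN)
    hits = [s for s in names if model.upper().startswith(s.upper())]
    return max(hits, key=len) if hits else None

def assess(model, firmware):
    series = series_of(model)
    if series is None:
        return "not-listed"
    version = parse_version(firmware)
    if version is None or series in NO_CEILING_GIVEN:
        return "check-advisory"  # cannot be decided from the article alone
    ceiling = AFFECTED_MAX[series]
    width = max(len(version), len(ceiling))
    pad = lambda v: v + (0,) * (width - len(v))  # compare 3.13 as 3.13.0
    return "affected" if pad(version) <= pad(ceiling) else "above-affected-range"

# Constructed inventory (hostnames, model suffixes and versions are made up).
INVENTORY = [
    ("plant-a-gw1", "EDR-810-2GSFP", "v5.12.37"),
    ("plant-a-gw2", "EDR-810-2GSFP", "5.12.40"),
    ("plant-b-fw1", "EDR-8010-2GSFP", "3.13"),
    ("plant-b-fw2", "EDR-G9010-VPN", "3.12.1"),
    ("lab-sw1", "UNRELATED-SW", "3.8"),
]

def report(inventory=INVENTORY):
    return {host: assess(model, fw) for host, model, fw in inventory}

if __name__ == "__main__":
    for host, status in report().items():
        print(f"{host:12} {status}")
```

    A result of `above-affected-range` only means the version is higher than the ceiling quoted here; confirm the fixed release for each model against Moxa's advisory before closing the finding.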

    To mitigate these vulnerabilities, security experts recommend not exposing devices to the internet, limiting SSH access to trusted IP addresses and networks using firewall rules or TCP wrappers, and implementing measures to detect and prevent exploitation attempts.

    The discovery of these vulnerabilities highlights the importance of regular firmware updates and secure configuration practices. It also serves as a reminder that even seemingly secure devices can have hidden weaknesses that need to be addressed.

    As cybersecurity threats continue to evolve, it is essential for organizations to stay vigilant and proactive in protecting their networks and devices from such vulnerabilities.




  • Published: Tue Jan 7 12:24:07 2025 by llama3.2 3B Q4_K_M













         

