Over the weekend, industrial networking communications provider Moxa sent a security advisory warning of two high-severity vulnerabilities that impact various models of its cellular routers, secure routers, and network security appliances. These vulnerabilities can potentially lead to privilege escalation and OS command injection allowing attackers to gain root-level access, lead to system compromise, data exposure, service disruption, and allow attackers to execute arbitrary code. Members who may use the Moxa routers or security appliances are highly encouraged to review the advisory and apply the applicable patches and/or mitigations.
CVE-2024-9140 allows attackers to exploit special characters to bypass input restrictions, potentially leading to unauthorized command execution. It recorded a CVSS 3.1 score of 9.8 and a CVSS 4.0 score of 9.3.
The CVE-2024-9138 vulnerability involves hard-coded credentials and could allow an authenticated user to escalate privileges and gain root-level access to the system. The vulnerability recorded 7.2 on the CVSS 3.1 scale, and 8.6 on the CVSS 4.0 scale.
Moxa has shared a list of affected products and versions in their advisory and has developed appropriate solutions to address each affected product. While Moxa has developed an update for each product series, they noted that the NAT-102 series does not currently have an official patch and affected users are referred to the mitigations section to address this series accordingly. For more information, visit Bleeping Computer or Industrial Cyber.
Additional Resources:
