
Moxa Issues Fix for Critical Authentication Bypass Vulnerability in PT Switches


Mar 11, 2025 | Ravie Lakshmanan | ICS Security / Vulnerability


Taiwanese company Moxa has released a security update to address a critical security flaw impacting its PT switches that could enable an attacker to bypass authentication guarantees.

The vulnerability, tracked as CVE-2024-12297, has been assigned a CVSS v4 score of 9.2 out of a maximum of 10.0.

"Multiple Moxa PT switches are vulnerable to an authentication bypass because of flaws in their authorization mechanism," the company said in an advisory released last week.

"Despite client-side and back-end server verification, attackers can exploit weaknesses in its implementation. This vulnerability may enable brute-force attacks to guess valid credentials or MD5 collision attacks to forge authentication hashes, potentially compromising the security of the device."


Successful exploitation of the shortcoming, in other words, could lead to an authentication bypass and allow an attacker to gain unauthorized access to sensitive configurations or disrupt services.

The flaw impacts the following versions –

  • PT-508 Series (Firmware version 3.8 and earlier)
  • PT-510 Series (Firmware version 3.8 and earlier)
  • PT-7528 Series (Firmware version 5.0 and earlier)
  • PT-7728 Series (Firmware version 3.9 and earlier)
  • PT-7828 Series (Firmware version 4.0 and earlier)
  • PT-G503 Series (Firmware version 5.3 and earlier)
  • PT-G510 Series (Firmware version 6.5 and earlier)
  • PT-G7728 Series (Firmware version 6.5 and earlier), and
  • PT-G7828 Series (Firmware version 6.5 and earlier)

Patches for the vulnerability can be obtained by contacting the Moxa Technical Support team. The company credited Artem Turyshev from Moscow-based Rosatom Automated Control Systems (RASU) for reporting the vulnerability.

Besides applying the latest fixes, companies using the affected products are recommended to restrict network access using firewalls or access control lists (ACLs), implement network segmentation, minimize direct exposure to the internet, implement multi-factor authentication (MFA) for accessing critical systems, enable event logging, and monitor network traffic and device behavior for unusual activities.

It's worth noting that Moxa resolved the same vulnerability in the Ethernet switch EDS-508A Series, running firmware version 3.11 and earlier, back in mid-January 2025.
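To turn the affected-version list above (and the EDS-508A threshold just mentioned) into an inventory check, here is an added triage helper that is not Moxa's tooling or part of the advisory. It compares firmware versions numerically rather than as strings (so "6.10" is correctly newer than "6.5"); the inventory rows, host names and model suffixes are constructed.

```python
"""Triage an asset inventory against the CVE-2024-12297 advisory thresholds.

Hypothetical helper written for this article, not Moxa tooling. Thresholds
are the "version X and earlier" values from the advisory; rows are constructed.
"""
import re
from typing import Optional

# Highest affected firmware per series, as listed in the advisory.
AFFECTED_UP_TO = {
    "PT-508": "3.8", "PT-510": "3.8", "PT-7528": "5.0", "PT-7728": "3.9",
    "PT-7828": "4.0", "PT-G503": "5.3", "PT-G510": "6.5",
    "PT-G7728": "6.5", "PT-G7828": "6.5",
    "EDS-508A": "3.11",  # same flaw, fixed in mid-January 2025 per the article
}

def parse_version(v: str) -> tuple:
    """Split "3.10" into (3, 10) so it sorts above 3.8, unlike string compare."""
    digits = re.findall(r"\d+", v)
    if not digits:
        raise ValueError(f"unparseable firmware version: {v!r}")
    return tuple(int(d) for d in digits)

def series_of(model: str) -> Optional[str]:
    """Map a model name (e.g. constructed 'PT-7528-24TX') to its series key."""
    for series in sorted(AFFECTED_UP_TO, key=len, reverse=True):
        # (?!\d) stops 'PT-508' from matching a hypothetical 'PT-5089'.
        if re.match(re.escape(series) + r"(?!\d)", model.upper()):
            return series
    return None

def is_affected(model: str, firmware: str) -> Optional[bool]:
    """True/False for a listed series; None if the series is not in the advisory."""
    series = series_of(model)
    if series is None:
        return None
    return parse_version(firmware) <= parse_version(AFFECTED_UP_TO[series])

def triage(inventory: list) -> list:
    """Return only the rows whose firmware is at or below the affected threshold."""
    return [row for row in inventory if is_affected(row["model"], row["firmware"])]

# Constructed sample inventory (not real devices).
INVENTORY = [
    {"host": "sw-plant-01", "model": "PT-7528-24TX", "firmware": "5.0"},
    {"host": "sw-plant-02", "model": "PT-7528-24TX", "firmware": "5.1"},
    {"host": "sw-plant-03", "model": "PT-G7728", "firmware": "6.10"},
    {"host": "sw-plant-04", "model": "PT-508-ST", "firmware": "3.8"},
    {"host": "sw-office-01", "model": "EDS-508A", "firmware": "3.12"},
    {"host": "rtr-01", "model": "OnCell-G3150A", "firmware": "1.0"},
]
```

Rows returning None are not Moxa switches covered by this advisory and should be checked against their own advisories rather than treated as clean.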


The development comes a little over two months after Moxa rolled out patches for two security vulnerabilities impacting its cellular routers, secure routers, and network security appliances (CVE-2024-9138 and CVE-2024-9140) that could allow privilege escalation and command execution.

Last month, it also addressed multiple high-severity flaws affecting various switches (CVE-2024-7695, CVE-2024-9404, and CVE-2024-9137) that could result in a denial-of-service (DoS) attack, or command execution.
