Industrial networking and communications provider Moxa is warning of a high-severity and a critical vulnerability that impact various models of its cellular routers, secure routers, and network security appliances.
The two security issues allow remote attackers to obtain root privileges on vulnerable devices and to execute arbitrary commands, which can lead to arbitrary code execution.
Risks on Moxa routers
Moxa devices are used in industrial automation and control system environments across the transportation, utilities and energy, and telecommunications sectors.
On Friday, the vendor issued an urgent warning for the following two vulnerabilities:
CVE-2024-9138 (8.6, high severity score): Hard-coded credentials that allow authenticated users to escalate privileges to root
CVE-2024-9140 (9.3, critical severity score): OS command injection flaw caused by improper input restrictions, leading to arbitrary code execution
The second flaw is particularly dangerous because it can be exploited by remote attackers.
Moxa has released firmware updates that address the vulnerabilities and notes that "immediate action is strongly recommended to prevent potential exploitation and mitigate these risks."
The following devices are impacted by both CVE-2024-9140 and CVE-2024-9138:
- EDR-8010 Series on firmware 3.13.1 and earlier
- EDR-G9004 Series on firmware 3.13.1 and earlier
- EDR-G9010 Series on firmware 3.13.1 and earlier
- EDF-G1002-BP Series on firmware 3.13.1 and earlier
- NAT-102 Series on firmware 1.0.5 and earlier
- OnCell G4302-LTE4 Series on firmware 3.13 and earlier
- TN-4900 Series on firmware 3.13 and earlier
Additionally, the EDR-810 Series on firmware 5.12.37 and older, the EDR-G902 Series on firmware 5.7.25 and older, and the TN-4900 Series on firmware 3.13 and older are vulnerable only to CVE-2024-9138.
Users of the EDR-8010 Series, EDR-G9004 Series, EDR-G9010 Series, and EDF-G1002-BP Series should upgrade to firmware version 3.14, released on December 31, 2024, to address the problem.
It is advisable to follow the download links for each device model provided in Moxa's bulletin to obtain the official firmware images.
Admins of the OnCell G4302-LTE4 Series and TN-4900 Series are advised to contact Moxa support for guidance on patching.
For the NAT-102 Series, there is currently no patch available, and administrators are recommended to apply mitigations.
Moxa suggests limiting the device's network exposure and SSH access and using firewalls, IDS, or an Intrusion Prevention System (IPS) to monitor and block exploitation attempts.
The advisory explicitly states that the MRC-1002 Series, TN-5900 Series, and OnCell 3120-LTE-1 Series devices are not vulnerable to either flaw.
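Added example, not code from Moxa or from the article: a small inventory triage script that applies the affected-firmware table above, including the "version X and earlier" edge case where a 3.13.1 build is newer than a "3.13 and earlier" ceiling, and flags models the advisory does not name instead of reporting them as safe. Model names and version ceilings are the page's; the CSV inventory, hostnames and EXAMPLE-MODEL are constructed.

```python
import csv
import io
BOTH_CVES = ["CVE-2024-9138", "CVE-2024-9140"]
# Model -> highest affected firmware ("X and earlier") for both CVEs, per the advisory
AFFECTED_BOTH = {
    "EDR-8010": "3.13.1", "EDR-G9004": "3.13.1", "EDR-G9010": "3.13.1", "EDF-G1002-BP": "3.13.1",
    "NAT-102": "1.0.5", "OnCell G4302-LTE4": "3.13", "TN-4900": "3.13",
}
# Models affected only by CVE-2024-9138 up to the listed firmware
AFFECTED_9138_ONLY = {"EDR-810": "5.12.37", "EDR-G902": "5.7.25"}
# Models the advisory explicitly lists as not vulnerable to either flaw
NOT_AFFECTED = {"MRC-1002", "TN-5900", "OnCell 3120-LTE-1"}

def parse_version(v: str) -> tuple:
    """'3.13' -> (3, 13); tuple order gives 3.13 < 3.13.1 < 3.14, so '3.13 and earlier' excludes 3.13.1."""
    return tuple(int(p) for p in v.strip().split("."))

def vulnerable_cves(model: str, firmware: str) -> list:
    """CVEs the advisory says this model/firmware is exposed to ([] if none)."""
    fw = parse_version(firmware)
    if model in AFFECTED_BOTH and fw <= parse_version(AFFECTED_BOTH[model]):
        return list(BOTH_CVES)
    if model in AFFECTED_9138_ONLY and fw <= parse_version(AFFECTED_9138_ONLY[model]):
        return ["CVE-2024-9138"]
    return []

def triage_inventory(csv_text: str) -> dict:
    """hostname -> CVE list; models the advisory never names are flagged, not reported as safe."""
    listed = set(AFFECTED_BOTH) | set(AFFECTED_9138_ONLY) | NOT_AFFECTED
    result = {}
    for row in csv.DictReader(io.StringIO(csv_text)):
        model = row["model"].strip()
        if model not in listed:
            result[row["hostname"]] = ["UNLISTED-MODEL: check with vendor"]
        else:
            result[row["hostname"]] = vulnerable_cves(model, row["firmware"])
    return result

# Constructed sample inventory: hostnames, firmware values and EXAMPLE-MODEL are made up
SAMPLE_INVENTORY = """hostname,model,firmware
rtr-plant-01,EDR-8010,3.13.1
rtr-plant-02,EDR-8010,3.14
cell-site-07,OnCell G4302-LTE4,3.13.1
edge-03,EDR-810,5.12.37
sw-09,TN-5900,4.1
misc-11,EXAMPLE-MODEL,1.0
"""
if __name__ == "__main__":
    print({h: c or "not affected" for h, c in triage_inventory(SAMPLE_INVENTORY).items()})
```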