Taiwanese firm Moxa has launched a safety replace to handle a vital safety flaw impacting its PT switches that would allow an attacker to bypass authentication ensures.
The vulnerability, tracked as CVE-2024-12297, has been assigned a CVSS v4 rating of 9.2 out of a most of 10.0.
“A number of Moxa PT switches are weak to an authentication bypass due to flaws of their authorization mechanism,” the corporate said in an advisory launched final week.
“Regardless of client-side and back-end server verification, attackers can exploit weaknesses in its implementation. This vulnerability might allow brute-force assaults to guess legitimate credentials or MD5 collision assaults to forge authentication hashes, doubtlessly compromising the safety of the gadget.”
Profitable exploitation of the shortcoming, in different phrases, might result in an authentication bypass and permit an attacker to realize unauthorized entry to delicate configurations or disrupt companies.
The flaw impacts the next variations –
- PT-508 Sequence (Firmware model 3.8 and earlier)
- PT-510 Sequence (Firmware model 3.8 and earlier)
- PT-7528 Sequence (Firmware model 5.0 and earlier)
- PT-7728 Sequence (Firmware model 3.9 and earlier)
- PT-7828 Sequence (Firmware model 4.0 and earlier)
- PT-G503 Sequence (Firmware model 5.3 and earlier)
- PT-G510 Sequence (Firmware model 6.5 and earlier)
- PT-G7728 Sequence (Firmware model 6.5 and earlier), and
- PT-G7828 Sequence (Firmware model 6.5 and earlier)
Patches for the vulnerability might be obtained by contacting the Moxa Technical Support workforce. The corporate credited Artem Turyshev from Moscow-based Rosatom Automated Management Programs (RASU) for reporting the vulnerability.
Exterior apply the most recent fixes, firms utilizing the affected merchandise are advisable to limit community entry utilizing firewalls or entry management lists (ACLs), implement community segmentation, reduce direct publicity to the web, implement multi-factor authentication (MFA) for accessing vital programs, allow occasion logging, and monitor community visitors and gadget habits for uncommon actions.
It is price noting that Moxa resolved the identical vulnerability within the Ethernet change EDS-508A Sequence, operating firmware model 3.11 and earlier, again in mid-January 2025.
The event comes just a little over two months after Moxa rolled out patches for 2 safety vulnerabilities impacting its mobile routers, safe routers, and community safety home equipment (CVE-2024-9138 and CVE-2024-9140) that would enable privilege escalation and command execution.
Final month, it additionally addressed multiple high-severity flaws affecting various switches (CVE-2024-7695, CVE-2024-9404, and CVE-2024-9137) that would lead to a denial-of-service (DoS) assault, or command execution.
Source link