Taiwanese firm Moxa has launched a safety replace to handle a essential safety flaw impacting its PT switches that might allow an attacker to bypass authentication ensures.
The vulnerability, tracked as CVE-2024-12297, has been assigned a CVSS v4 rating of 9.2 out of a most of 10.0.
“A number of Moxa PT switches are susceptible to an authentication bypass due to flaws of their authorization mechanism,” the corporate said in an advisory launched final week.
“Regardless of client-side and back-end server verification, attackers can exploit weaknesses in its implementation. This vulnerability might allow brute-force assaults to guess legitimate credentials or MD5 collision assaults to forge authentication hashes, probably compromising the safety of the gadget.”
Profitable exploitation of the shortcoming, in different phrases, may result in an authentication bypass and permit an attacker to realize unauthorized entry to delicate configurations or disrupt companies.
The flaw impacts the next variations –
- PT-508 Collection (Firmware model 3.8 and earlier)
- PT-510 Collection (Firmware model 3.8 and earlier)
- PT-7528 Collection (Firmware model 5.0 and earlier)
- PT-7728 Collection (Firmware model 3.9 and earlier)
- PT-7828 Collection (Firmware model 4.0 and earlier)
- PT-G503 Collection (Firmware model 5.3 and earlier)
- PT-G510 Collection (Firmware model 6.5 and earlier)
- PT-G7728 Collection (Firmware model 6.5 and earlier), and
- PT-G7828 Collection (Firmware model 6.5 and earlier)
Patches for the vulnerability will be obtained by contacting the Moxa Technical Support workforce. The corporate credited Artem Turyshev from Moscow-based Rosatom Automated Management Programs (RASU) for reporting the vulnerability.
Exterior apply the newest fixes, firms utilizing the affected merchandise are really useful to limit community entry utilizing firewalls or entry management lists (ACLs), implement community segmentation, decrease direct publicity to the web, implement multi-factor authentication (MFA) for accessing essential programs, allow occasion logging, and monitor community visitors and gadget habits for uncommon actions.
It is price noting that Moxa resolved the identical vulnerability within the Ethernet change EDS-508A Collection, operating firmware model 3.11 and earlier, again in mid-January 2025.
The event comes a little bit over two months after Moxa rolled out patches for 2 safety vulnerabilities impacting its mobile routers, safe routers, and community safety home equipment (CVE-2024-9138 and CVE-2024-9140) that might permit privilege escalation and command execution.
Final month, it additionally addressed multiple high-severity flaws affecting various switches (CVE-2024-7695, CVE-2024-9404, and CVE-2024-9137) that might end in a denial-of-service (DoS) assault, or command execution.
