CVE-2024-9137

Summary

The affected product lacks an authentication check when sending commands to the server via the Moxa service. This vulnerability allows an attacker to execute specified commands, potentially leading to unauthorized downloads or uploads of configuration files and system compromise.

Affected Software

VendorProductVersion RangeStatus
MoxaEDR-8010 Series1.0 <= 3.12.1affected
MoxaEDR-G9004 Series1.0 <= 3.12.1affected
MoxaEDR-G9010 Series1.0 <= 3.12.1affected
MoxaEDF-G1002-BP Series1.0 <= 3.12.1affected
MoxaNAT-102 Series1.0 <= 1.0.5affected
MoxaOnCell G4302-LTE4 Series1.0 <= 3.9affected
MoxaTN-4900 Series1.0 <= 3.6affected
MoxaEDS-608 Series1.0 <= 3.12affected
MoxaEDS-611 Series1.0 <= 3.12affected
MoxaEDS-616 Series1.0 <= 3.12affected
MoxaEDS-619 Series1.0 <= 3.12affected
MoxaEDS-405A Series1.0 <= 3.14affected
MoxaEDS-405A Series3.14.4unaffected
MoxaEDS-408A Series1.0 <= 3.12affected
MoxaEDS-408A Series3.14.6unaffected
MoxaEDS-505A Series1.0 <= 3.11affected
MoxaEDS-508A Series1.0 <= 3.11affected
MoxaEDS-510A Series1.0 <= 3.12affected
MoxaEDS-516A Series1.0 <= 3.11affected
MoxaEDS-518A Series1.0 <= 3.11affected
MoxaEDS-G509 Series1.0 <= 3.10affected
MoxaEDS-P510 Series1.0 <= 3.11affected
MoxaEDS-P510A Series1.0 <= 3.11affected
MoxaEDS-510E Series1.0 <= 5.5affected
MoxaEDS-518E Series1.0 <= 6.3affected
MoxaEDS-528E Series1.0 <= 6.3affected
MoxaEDS-G508E Series1.0 <= 6.4affected
MoxaEDS-G512E Series1.0 <= 6.4affected
MoxaEDS-G516E Series1.0 <= 6.4affected
MoxaEDS-P506E Series1.0 <= 5.8affected
MoxaICS-G7526A Series1.0 <= 5.10affected
MoxaICS-G7528A Series1.0 <= 5.10affected
MoxaICS-G7748A Series1.0 <= 5.9affected
MoxaICS-G7750A Series1.0 <= 5.9affected
MoxaICS-G7752A Series1.0 <= 5.9affected
MoxaICS-G7826A Series1.0 <= 5.10affected
MoxaICS-G7828A Series1.0 <= 5.10affected
MoxaICS-G7848A Series1.0 <= 5.9affected
MoxaICS-G7850A Series1.0 <= 5.9affected
MoxaICS-G7852A Series1.0 <= 5.9affected
MoxaIKS-G6524A Series1.0 <= 5.10affected
MoxaIKS-6726A Series1.0 <= 5.9affected
MoxaIKS-6728A Series1.0 <= 5.9affected
MoxaIKS-G6824A Series1.0 <= 5.10affected
MoxaSDS-3006 Series1.0 <= 3.0affected
MoxaSDS-3008 Series1.0 <= 3.0affected
MoxaSDS-3010 Series1.0 <= 3.0affected
MoxaSDS-3016 Series1.0 <= 3.0affected
MoxaSDS-G3006 Series1.0 <= 3.0affected
MoxaSDS-G3008 Series1.0 <= 3.0affected
MoxaSDS-G3010 Series1.0 <= 3.0affected
MoxaSDS-G3016 Series1.0 <= 3.0affected
MoxaPT-7728 Series1.0 <= 3.9affected
MoxaPT-7828 Series1.0 <= 4.0affected
MoxaPT-G503 Series1.0 <= 5.3affected
MoxaPT-G510 Series1.0 <= 6.5affected
MoxaPT-G7728 Series1.0 <= 6.4affected
MoxaPT-G7828 Series1.0 <= 6.4affected
MoxaTN-4500A Series1.0 <= 3.13affected
MoxaTN-5500A Series1.0 <= 3.13affected
MoxaTN-G4500 Series1.0 <= 5.5affected
MoxaTN-G6500 Series1.0 <= 5.5affected

Weaknesses

  • CWE-306: CWE-306 Missing Authentication for Critical Function

Workarounds

To mitigate the risks associated with this vulnerability, we recommend the following actions:

  • Disable Moxa Service and Moxa Service (Encrypted) temporarily if they are not required for operations. This will minimize potential attack vectors until a patch or updated firmware is applied.

Refer to the General Security Best Practices section to further strengthen your security posture.

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References