CVE-2024-9138

Summary

Moxa’s cellular routers, secure routers, and network security appliances are affected by a high-severity vulnerability, CVE-2024-9138. This vulnerability involves hard-coded credentials, enabling an authenticated user to escalate privileges and gain root-level access to the system, posing a significant security risk.

Affected Software

VendorProductVersion RangeStatus
MoxaEDR-810 Series1.0 <= 5.12.37affected
MoxaEDR-8010 Series1.0 <= 3.13.1affected
MoxaEDR-G902 Series1.0 <= 5.7.25affected
MoxaEDR-G903 Series1.0 <= 5.7.25affected
MoxaEDR-G9004 Series1.0 <= 3.13.1affected
MoxaEDR-G9010 Series1.0 <= 3.13.1affected
MoxaEDF-G1002-BP Series1.0 <= 3.13.1affected
MoxaNAT-102 Series1.0 <= 1.0.5affected
MoxaOnCell G4302-LTE4 Series1.0 <= 3.13affected
MoxaTN-4900 Series1.0 <= 3.13affected

Weaknesses

  • CWE-656: CWE-656: Reliance on Security Through Obscurity

Workarounds

  • Minimize network exposure to ensure the device is not accessible from the Internet.

  • Limit SSH access to trusted IP addresses and networks using firewall rules or TCP wrappers.

  • Implement IDS or Intrusion Prevention System (IPS) to detect and prevent exploitation attempts. These systems can provide an additional layer of defense by monitoring network traffic for signs of attacks.

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References