Taiwanese firm Moxa has launched a safety replace to deal with a vital safety flaw impacting its PT switches that might allow an attacker to bypass authentication ensures.
The vulnerability, tracked as CVE-2024-12297, has been assigned a CVSS v4 rating of 9.2 out of a most of 10.0.
“A number of Moxa PT switches are susceptible to an authentication bypass due to flaws of their authorization mechanism,” the corporate mentioned in an advisory launched final week.
“Regardless of client-side and back-end server verification, attackers can exploit weaknesses in its implementation. This vulnerability might allow brute-force assaults to guess legitimate credentials or MD5 collision assaults to forge authentication hashes, doubtlessly compromising the safety of the system.”
Profitable exploitation of the shortcoming, in different phrases, may result in an authentication bypass and permit an attacker to achieve unauthorized entry to delicate configurations or disrupt providers.
The flaw impacts the next variations –
- PT-508 Collection (Firmware model 3.8 and earlier)
- PT-510 Collection (Firmware model 3.8 and earlier)
- PT-7528 Collection (Firmware model 5.0 and earlier)
- PT-7728 Collection (Firmware model 3.9 and earlier)
- PT-7828 Collection (Firmware model 4.0 and earlier)
- PT-G503 Collection (Firmware model 5.3 and earlier)
- PT-G510 Collection (Firmware model 6.5 and earlier)
- PT-G7728 Collection (Firmware model 6.5 and earlier), and
- PT-G7828 Collection (Firmware model 6.5 and earlier)
Patches for the vulnerability may be obtained by contacting the Moxa Technical Assist crew. The corporate credited Artem Turyshev from Moscow-based Rosatom Automated Management Methods (RASU) for reporting the vulnerability.
Exterior apply the most recent fixes, firms utilizing the affected merchandise are advisable to limit community entry utilizing firewalls or entry management lists (ACLs), implement community segmentation, reduce direct publicity to the web, implement multi-factor authentication (MFA) for accessing vital techniques, allow occasion logging, and monitor community site visitors and system conduct for uncommon actions.
It is price noting that Moxa resolved the identical vulnerability within the Ethernet change EDS-508A Collection, operating firmware model 3.11 and earlier, again in mid-January 2025.
The event comes a bit of over two months after Moxa rolled out patches for 2 safety vulnerabilities impacting its mobile routers, safe routers, and community safety home equipment (CVE-2024-9138 and CVE-2024-9140) that might permit privilege escalation and command execution.
Final month, it additionally addressed a number of high-severity flaws affecting varied switches (CVE-2024-7695, CVE-2024-9404, and CVE-2024-9137) that might lead to a denial-of-service (DoS) assault, or command execution.
