Vulnerable Moxa devices expose industrial networks to attacks

Industrial networking and communications provider Moxa is warning of a high-severity and a critical vulnerability that affect multiple models of its cellular routers, secure routers, and network security appliances.

The two security issues allow remote attackers to get root privileges on vulnerable devices and to execute arbitrary commands, which could lead to arbitrary code execution.

Risks on Moxa routers

Moxa devices are used in environments with industrial automation and control systems from the transportation, utilities and energy, and telecommunications sectors.

On Friday, the vendor issued an urgent warning for the following two vulnerabilities:

CVE-2024-9138 (8.6, high severity score): Hard-coded credentials that enable authenticated users to escalate privileges to root

CVE-2024-9140 (9.3, critical severity score): OS command injection flaw caused by exploiting improper input restrictions, leading to arbitrary code execution

The second flaw is particularly dangerous because it can be exploited by remote attackers.

Moxa has released firmware updates that address the vulnerabilities and notes that “immediate action is strongly recommended to prevent potential exploitation and mitigate these risks.”

The following devices are impacted by both CVE-2024-9140 and CVE-2024-9138:

  • EDR-8010 Series on firmware 3.13.1 and earlier
  • EDR-G9004 Series on firmware 3.13.1 and earlier
  • EDR-G9010 Series on firmware 3.13.1 and earlier
  • EDF-G1002-BP Series on firmware 3.13.1 and earlier
  • NAT-102 Series on firmware 1.0.5 and earlier
  • OnCell G4302-LTE4 Series on firmware 3.13 and earlier
  • TN-4900 Series on firmware 3.13 and earlier

Additionally, EDR-810 Series on firmware 5.12.37 and older, EDR-G902 Series on firmware 5.7.25 and older, and TN-4900 Series on firmware 3.13 and older are vulnerable only to CVE-2024-9138.

Users of EDR-8010 Series, EDR-G9004 Series, EDR-G9010, and EDF-G1002-BP Series should upgrade to firmware version 3.14, released on December 31, 2024, to address the problem.

It is recommended to follow the download links for each device model provided in Moxa’s bulletin to obtain the official firmware images.

Admins of OnCell G4302-LTE4 Series and TN-4900 Series are advised to contact Moxa support to receive guidance on patching.

For the NAT-102 Series, there is currently no patch available, and administrators are advised to apply mitigations.

Moxa suggests limiting the device’s network exposure and SSH access and using firewalls, IDS, or an Intrusion Prevention System (IPS) to monitor and block exploitation attempts.

The advisory explicitly mentions that the MRC-1002 Series, TN-5900 Series, and OnCell 3120-LTE-1 Series devices are not vulnerable to either flaw.
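To triage an asset inventory against the firmware ranges listed above, the following added example (not code from Moxa or from this article) compares dotted firmware versions numerically and returns the applicable CVEs and the remediation the article gives. The function names are hypothetical, it assumes the inventory's model string begins with the series name, and the remediation text for EDR-810 and EDR-G902 is a placeholder because the article states none for them.

```python
import re

BOTH = ("CVE-2024-9138", "CVE-2024-9140")
ONLY_9138 = ("CVE-2024-9138",)
FIX = "upgrade to firmware 3.14"
# series: (highest affected firmware, CVEs, remediation), values taken from the article
AFFECTED = {
    "EDR-8010": ("3.13.1", BOTH, FIX),
    "EDR-G9004": ("3.13.1", BOTH, FIX),
    "EDR-G9010": ("3.13.1", BOTH, FIX),
    "EDF-G1002-BP": ("3.13.1", BOTH, FIX),
    "NAT-102": ("1.0.5", BOTH, "no patch available: apply mitigations"),
    "OnCell G4302-LTE4": ("3.13", BOTH, "contact Moxa support"),
    "TN-4900": ("3.13", BOTH, "contact Moxa support"),  # in both lists; broader set used
    "EDR-810": ("5.12.37", ONLY_9138, "see Moxa bulletin"),   # remediation not in article
    "EDR-G902": ("5.7.25", ONLY_9138, "see Moxa bulletin"),   # remediation not in article
}
NOT_AFFECTED = ("MRC-1002", "TN-5900", "OnCell 3120-LTE-1")

def parse_version(text):
    """Leading dotted number as a zero-padded 3-tuple ('v3.13' -> (3, 13, 0)), or None."""
    m = re.match(r"\s*v?(\d+(?:\.\d+){0,2})", text, re.IGNORECASE)
    if not m:
        return None
    parts = [int(p) for p in m.group(1).split(".")]
    return tuple(parts + [0] * (3 - len(parts)))

def match_series(model, names):
    """Longest series name that prefixes the model string, case-insensitively."""
    hits = [n for n in names if model.strip().lower().startswith(n.lower())]
    return max(hits, key=len) if hits else None

def triage(model, firmware):
    """Return (status, cves, action) for one inventory row."""
    if match_series(model, NOT_AFFECTED):
        return ("not_affected", (), "none")
    series = match_series(model, AFFECTED)
    if series is None:
        return ("unknown_model", (), "check Moxa bulletin manually")
    ceiling, cves, action = AFFECTED[series]
    version = parse_version(firmware)
    if version is None:  # fail towards review rather than silently clearing the device
        return ("unknown_version", cves, "verify firmware on device")
    if version <= parse_version(ceiling):
        return ("affected", cves, action)
    return ("not_in_affected_range", (), "none")

if __name__ == "__main__":  # constructed sample inventory rows, not real devices
    for row in [("EDR-G9010", "3.13.1"), ("NAT-102", "1.0.10"), ("TN-4900", "v3.13.0")]:
        print(row, triage(*row))
```

Versions are zero-padded and compared as integers so that "3.13.0" matches the "3.13 and earlier" range and "1.0.10" is not mistaken for something older than "1.0.5", both of which a plain string comparison gets wrong.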
