CVE-2024-9137

Moxa Service Missing Authentication for Critical Function

Description

The affected product lacks an authentication check when sending commands to the server via the Moxa service. This vulnerability allows an attacker to execute specified commands, potentially leading to unauthorized downloads or uploads of configuration files and system compromise.

Remediation

Solution:

Please refer to the security advisories: * Missing Authentication and OS Command Injection Vulnerabilities in Cellular Routers, Secure Routers, and Network Security Appliances https://www.moxa.com/en/support/product-support/security-advisory/mpsa-241154-missing-authentication-and-os-command-injection-vulnerabilities-in-routers-and-network-security-appliances * CVE-2024-9137: Missing Authentication Vulnerability in Ethernet Switches https://www.moxa.com/en/support/product-support/security-advisory/mpsa-241156-cve-2024-9137-missing-authentication-vulnerability-in-ethernet-switches

Workaround:

To mitigate the risks associated with this vulnerability, we recommend the following actions: * Disable Moxa Service and Moxa Service (Encrypted) temporarily if they are not required for operations. This will minimize potential attack vectors until a patch or updated firmware is applied. Refer to the General Security Best Practices section to further strengthen your security posture.

References

Link	Tags
https://www.moxa.com/en/support/product-support/security-advisory/mpsa-241154-missing-authentication-and-os-command-injection-vulnerabilities-in-routers-and-network-security-appliances	vendor advisory
https://www.moxa.com/en/support/product-support/security-advisory/mpsa-241156-cve-2024-9137-missing-authentication-vulnerability-in-ethernet-switches	vendor advisory

Frequently Asked Questions

What is the severity of CVE-2024-9137?: CVE-2024-9137 has been scored as a high severity vulnerability.
How to fix CVE-2024-9137?: To fix CVE-2024-9137: Please refer to the security advisories: * Missing Authentication and OS Command Injection Vulnerabilities in Cellular Routers, Secure Routers, and Network Security Appliances https://www.moxa.com/en/support/product-support/security-advisory/mpsa-241154-missing-authentication-and-os-command-injection-vulnerabilities-in-routers-and-network-security-appliances * CVE-2024-9137: Missing Authentication Vulnerability in Ethernet Switches https://www.moxa.com/en/support/product-support/security-advisory/mpsa-241156-cve-2024-9137-missing-authentication-vulnerability-in-ethernet-switches
Is CVE-2024-9137 being actively exploited in the wild?: As for now, there are no information to confirm that CVE-2024-9137 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2024-9137?: CVE-2024-9137 affects Moxa EDR-8010 Series, Moxa EDR-G9004 Series, Moxa EDR-G9010 Series, Moxa EDF-G1002-BP Series, Moxa NAT-102 Series, Moxa OnCell G4302-LTE4 Series, Moxa TN-4900 Series, Moxa EDS-608 Series, Moxa EDS-611 Series, Moxa EDS-616 Series, Moxa EDS-619 Series, Moxa EDS-405A Series, Moxa EDS-408A Series, Moxa EDS-505A Series, Moxa EDS-508A Series, Moxa EDS-510A Series, Moxa EDS-516A Series, Moxa EDS-518A Series, Moxa EDS-G509 Series, Moxa EDS-P510 Series, Moxa EDS-P510A Series, Moxa EDS-510E Series, Moxa EDS-518E Series, Moxa EDS-528E Series, Moxa EDS-G508E Series, Moxa EDS-G512E Series, Moxa EDS-G516E Series, Moxa EDS-P506E Series, Moxa ICS-G7526A Series, Moxa ICS-G7528A Series, Moxa ICS-G7748A Series, Moxa ICS-G7750A Series, Moxa ICS-G7752A Series, Moxa ICS-G7826A Series, Moxa ICS-G7828A Series, Moxa ICS-G7848A Series, Moxa ICS-G7850A Series, Moxa ICS-G7852A Series, Moxa IKS-G6524A Series, Moxa IKS-6726A Series, Moxa IKS-6728A Series, Moxa IKS-G6824A Series, Moxa SDS-3006 Series, Moxa SDS-3008 Series, Moxa SDS-3010 Series, Moxa SDS-3016 Series, Moxa SDS-G3006 Series, Moxa SDS-G3008 Series, Moxa SDS-G3010 Series, Moxa SDS-G3016 Series, Moxa PT-7728 Series, Moxa PT-7828 Series, Moxa PT-G503 Series, Moxa PT-G510 Series, Moxa PT-G7728 Series, Moxa PT-G7828 Series, Moxa TN-4500A Series, Moxa TN-5500A Series, Moxa TN-G4500 Series, Moxa TN-G6500 Series.

Description

Remediation

Category

CWE-306 – Missing Authentication for Critical Function

References

Frequently Asked Questions