
Moxa Issues Fix for Critical Authentication Bypass Vulnerability in PT Switches

Taiwanese company Moxa has released a security update to address a critical security flaw impacting its PT switches that could permit an attacker to bypass authentication guarantees.

The vulnerability, tracked as CVE-2024-12297, has been assigned a CVSS v4 score of 9.2 out of a maximum of 10.0.

“Multiple Moxa PT switches are vulnerable to an authentication bypass because of flaws in their authorization mechanism,” the company said in an advisory released last week.

“Despite client-side and back-end server verification, attackers can exploit weaknesses in its implementation. This vulnerability may enable brute-force attacks to guess valid credentials or MD5 collision attacks to forge authentication hashes, potentially compromising the security of the device.”


Successful exploitation of the shortcoming, in other words, could lead to an authentication bypass and allow an attacker to gain unauthorized access to sensitive configurations or disrupt services.

The flaw impacts the following versions –

  • PT-508 Series (Firmware version 3.8 and earlier)
  • PT-510 Series (Firmware version 3.8 and earlier)
  • PT-7528 Series (Firmware version 5.0 and earlier)
  • PT-7728 Series (Firmware version 3.9 and earlier)
  • PT-7828 Series (Firmware version 4.0 and earlier)
  • PT-G503 Series (Firmware version 5.3 and earlier)
  • PT-G510 Series (Firmware version 6.5 and earlier)
  • PT-G7728 Series (Firmware version 6.5 and earlier), and
  • PT-G7828 Series (Firmware version 6.5 and earlier)
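As an added example (not Moxa's code or part of the advisory), the following script turns the affected-version list above into an inventory check: it parses dotted firmware versions numerically so that, say, 3.10 is correctly treated as newer than the 3.8 cutoff, and reports which devices in a constructed inventory still need the vendor patch. The inventory entries and host names are constructed for the example; the cutoffs are the ones listed on this page (the EDS-508A entry comes from the note further down that its fix covers firmware 3.11 and earlier).

```python
# Added example: check a device inventory against the "firmware version X and
# earlier" cutoffs from the Moxa advisory for CVE-2024-12297 as listed on this page.
# Not Moxa's code; host names and inventory rows below are constructed.
from typing import Dict, List, Tuple

# Series -> highest affected firmware version, taken from the page's list.
AFFECTED_MAX_VERSION: Dict[str, str] = {
    "PT-508": "3.8",
    "PT-510": "3.8",
    "PT-7528": "5.0",
    "PT-7728": "3.9",
    "PT-7828": "4.0",
    "PT-G503": "5.3",
    "PT-G510": "6.5",
    "PT-G7728": "6.5",
    "PT-G7828": "6.5",
    # Same flaw, fixed earlier (mid-January 2025 per the page); still worth checking.
    "EDS-508A": "3.11",
}


def parse_version(version: str) -> Tuple[int, ...]:
    """Split a dotted firmware version into integers so 3.10 compares as newer than 3.8."""
    return tuple(int(part) for part in version.strip().split("."))


def is_affected(series: str, firmware: str) -> bool:
    """True when the series is named in the advisory and the firmware is at or below its cutoff."""
    cutoff = AFFECTED_MAX_VERSION.get(series.strip().upper())
    if cutoff is None:
        return False  # series not named on the page; out of scope for this advisory
    return parse_version(firmware) <= parse_version(cutoff)


def triage(inventory: List[dict]) -> List[dict]:
    """Return the inventory rows that are still running affected firmware."""
    return [row for row in inventory if is_affected(row["series"], row["firmware"])]


# Constructed sample inventory (hypothetical hosts, not from the page).
SAMPLE_INVENTORY: List[dict] = [
    {"host": "pt-sw-01", "series": "PT-508", "firmware": "3.8"},    # at cutoff -> affected
    {"host": "pt-sw-02", "series": "PT-508", "firmware": "3.10"},   # newer than 3.8 -> fixed
    {"host": "pt-sw-03", "series": "PT-G7828", "firmware": "6.5"},  # at cutoff -> affected
    {"host": "pt-sw-04", "series": "PT-7528", "firmware": "5.1"},   # above 5.0 -> fixed
    {"host": "eds-01", "series": "EDS-508A", "firmware": "3.11"},   # at cutoff -> affected
]


if __name__ == "__main__":
    for row in triage(SAMPLE_INVENTORY):
        print(f"{row['host']}: {row['series']} firmware {row['firmware']} needs the vendor patch")
```

The numeric comparison matters: a plain string comparison would rank "3.10" below "3.8" and report a patched device as vulnerable, or worse, the reverse for a cutoff such as "5.0" against "4.9".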

Patches for the vulnerability can be obtained by contacting the Moxa Technical Support team. The company credited Artem Turyshev from Moscow-based Rosatom Automated Control Systems (RASU) for reporting the vulnerability.

Besides applying the latest fixes, companies using the affected products are recommended to restrict network access using firewalls or access control lists (ACLs), implement network segmentation, minimize direct exposure to the internet, enforce multi-factor authentication (MFA) for accessing critical systems, enable event logging, and monitor network traffic and device behavior for unusual activities.
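Since the advisory warns that the flaw may enable credential guessing, and the mitigations above recommend event logging and monitoring for unusual activity, here is an added example (not from Moxa or the advisory) of one such monitor: it reads syslog-style authentication events from a switch and flags source addresses with a burst of failed logins inside a sliding time window. The log line format, device names and addresses are constructed for this example; a real deployment would adapt the regular expression to the switch's actual syslog output.

```python
# Added example: flag bursts of failed logins per source address in switch
# authentication logs. The line format below is constructed for this example,
# not Moxa's real syslog format; adjust LINE_RE for the device you monitor.
import re
from collections import defaultdict
from datetime import datetime
from typing import Dict, Iterable, List

LINE_RE = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}) (?P<dev>\S+) auth: "
    r"login (?P<result>FAILED|OK) user=(?P<user>\S+) src=(?P<src>\d+\.\d+\.\d+\.\d+)$"
)

# Constructed sample log: six failures from one address in 15 seconds, then
# one failure and one success from another address, plus an unrelated line.
SAMPLE_LOG = """\
2025-03-10T08:00:01 pt-sw-01 auth: login FAILED user=admin src=10.20.0.7
2025-03-10T08:00:04 pt-sw-01 auth: login FAILED user=admin src=10.20.0.7
2025-03-10T08:00:07 pt-sw-01 auth: login FAILED user=admin src=10.20.0.7
2025-03-10T08:00:09 pt-sw-01 auth: login FAILED user=admin src=10.20.0.7
2025-03-10T08:00:12 pt-sw-01 auth: login FAILED user=admin src=10.20.0.7
2025-03-10T08:00:15 pt-sw-01 auth: login FAILED user=admin src=10.20.0.7
2025-03-10T08:03:00 pt-sw-01 auth: login FAILED user=operator src=10.20.0.9
2025-03-10T08:03:20 pt-sw-01 auth: login OK user=operator src=10.20.0.9
2025-03-10T08:04:00 pt-sw-01 link: port 3 up
"""


def parse(lines: Iterable[str]) -> List[dict]:
    """Parse authentication events; lines that do not match the pattern are skipped."""
    events = []
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        ev = m.groupdict()
        ev["ts"] = datetime.strptime(ev["ts"], "%Y-%m-%dT%H:%M:%S")
        events.append(ev)
    return events


def failed_login_bursts(lines: Iterable[str], threshold: int = 5,
                        window_seconds: int = 60) -> Dict[str, int]:
    """Return {source_ip: peak_failures} for sources with >= threshold failures
    inside any window_seconds-long sliding window."""
    failures = defaultdict(list)
    for ev in parse(lines):
        if ev["result"] == "FAILED":
            failures[ev["src"]].append(ev["ts"])

    bursts: Dict[str, int] = {}
    for src, stamps in failures.items():
        stamps.sort()
        start = 0
        peak = 0
        # Two-pointer sliding window: advance `start` until the window fits.
        for end, t in enumerate(stamps):
            while (t - stamps[start]).total_seconds() > window_seconds:
                start += 1
            peak = max(peak, end - start + 1)
        if peak >= threshold:
            bursts[src] = peak
    return bursts


if __name__ == "__main__":
    for src, count in failed_login_bursts(SAMPLE_LOG.splitlines()).items():
        print(f"ALERT: {count} failed logins from {src} within 60s")
```

The threshold and window are deliberately parameters: on a management network where administrators rarely log in, even a handful of failures in a minute is unusual, and the alert should feed whatever the site uses for ACL tightening or incident review rather than block on its own.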

It's worth noting that Moxa resolved the same vulnerability in the Ethernet switch EDS-508A Series, running firmware version 3.11 and earlier, back in mid-January 2025.


The development comes a little over two months after Moxa rolled out patches for two security vulnerabilities impacting its cellular routers, secure routers, and network security appliances (CVE-2024-9138 and CVE-2024-9140) that could allow privilege escalation and command execution.

Last month, it also addressed multiple high-severity flaws affecting various switches (CVE-2024-7695, CVE-2024-9404, and CVE-2024-9137) that could result in a denial-of-service (DoS) attack or command execution.
