A essential vulnerability recognized as CVE-2024-12297 has been found in Moxa’s PT sequence of community switches, affecting a number of fashions throughout completely different product strains.
This safety flaw entails an authorization logic disclosure that may be exploited to bypass authentication mechanisms, permitting malicious actors to realize unauthorized entry to delicate configurations, doubtlessly disrupting community providers.
The vulnerability, labeled as CWE-656: Reliance on Safety By way of Obscurity, allows attackers to bypass client-side and backend server verification processes regardless of present safety measures.
Exploitation can result in brute-force assaults geared toward guessing legitimate credentials or leveraging MD5 collision assaults to forge authentication hashes, thereby compromising machine safety.
Recognized Vulnerability Kind and Potential Influence
| Merchandise | Vulnerability Kind | Influence |
| 1 | CWE-656: Reliance on Safety By way of Obscurity (CVE-2024-12297) | Exploitation may permit attackers to bypass authentication, carry out brute-force or MD5 collision assaults, and acquire unauthorized entry to delicate configurations or disrupt providers. |
The vulnerability recognized in Moxa’s PT switches, CVE-2024-12297, carries important severity. Its scoring particulars spotlight the essential nature of this risk.
In response to the Frequent Vulnerability Scoring System (CVSS) model 4.0, this vulnerability has a base rating of 9.2, indicating excessive severity. The vector for this rating is AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L.
This breaks down into varied elements similar to Assault Vector (AV), Assault Complexity (AC), and Privileges Required (PR). Particularly, an attacker can exploit this vulnerability remotely (AV:N) with low complexity (AC:L), requiring no person interplay (UI:N), and no privileges (PR:N).
The vulnerability permits excessive potential affect when it comes to confidentiality, integrity, and availability (VC, VI, VA all set to Excessive), however the scope for altering these impacts is restricted (SC:L).
The affect on system integrity and availability can be restricted (SI:L), and there’s no important scope for amplifying these impacts (SA:L).
Affected Merchandise and Options
Affected Merchandise
| Product Sequence | Affected Variations |
| PT-508 Sequence | Firmware model 3.8 and earlier |
| PT-510 Sequence | Firmware model 3.8 and earlier |
| PT-7528 Sequence | Firmware model 5.0 and earlier |
| PT-7728 Sequence | Firmware model 3.9 and earlier |
| PT-7828 Sequence | Firmware model 4.0 and earlier |
| PT-G503 Sequence | Firmware model 5.3 and earlier |
| PT-G510 Sequence | Firmware model 6.5 and earlier |
| PT-G7728 Sequence | Firmware model 6.5 and earlier |
| PT-G7828 Sequence | Firmware model 6.5 and earlier |
Along with making use of the product-specific options, customers are suggested to observe common safety suggestions to boost the safety posture of their networks.
Common updates and checks for patches are essential in stopping the exploitation of such vulnerabilities.
This advisory serves as a name to motion for each Moxa and its prospects to make sure well timed mitigation of the recognized dangers, defending towards potential malicious actions.
Customers of the affected Moxa merchandise ought to prioritize contacting Moxa Technical Assist to acquire the required safety patches.
Are you from SOC/DFIR Groups? – Analyse Malware Incidents & get stay Entry with ANY.RUN -> Begin Now for Free.
