WARNING: CRITICAL AUTHENTICATION BYPASS VULNERABILITY IN MOXA EDS-508A SERIES, PATCH IMMEDIATELY!
CVE-2024-12297: CVSS 9.2 (v4)
(CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X
/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X)
Bronnen
Moxa - CVE-2024-12297: Frontend Authorization Logic Disclosure Vulnerability in EDS-508A Series
Risico’s
This vulnerability could lead attackers to bypass authentication, potentially allowing unauthorized access to the device and its sensitive configuration. This has a high impact on confidentiality and integrity. Furthermore, the attacker could disrupt the devices operations, leading to a high impact on availability.
Beschrijving
Moxa's Ethernet switch EDS-508A Series, running firmware version 3.11 and earlier, contains flaws in its authorization mechanism. The vulnerability affects client-side and back-end server verification processes. Despite the checks done on both sides, the flaw allows an attacker to conduct brute-force and MD5 collision attacks. The vulnerability is particularly severe because it allows unauthenticated remote exploit.
Aanbevolen acties
Patch
Moxa has developed a security patch to address the vulnerability. Administrators are encouraged to “contact Moxa Technical Support for the security patch.”
The Centre for Cybersecurity Belgium strongly recommends installing updates for vulnerable devices with the highest priority, after thorough testing.
Monitor/Detect
The CCB recommends organizations upscale monitoring and detection capabilities to identify any related suspicious activity, ensuring a swift response in case of an intrusion.
In case of an intrusion, you can report an incident via: https://ccb.belgium.be/nl/cert/een-incident-melden.
While patching appliances or software to the newest version may provide safety from future exploitation, it does not remediate historic compromise.
Referenties
Security Online - CVE-2024-12297 (CVSS 9.2): Critical Authorization Vulnerability in Moxa EDS-508A Series