
Moxa Issues Security Alert for Critical Vulnerabilities in Routers and Network Appliances



Taiwan-based industrial networking company Moxa has issued a security advisory regarding two high-severity vulnerabilities affecting its cellular routers, secure routers, and network security appliances. These flaws could enable privilege escalation and unauthorized command execution, potentially compromising affected devices.


Details of the Security Vulnerabilities

Moxa has confirmed the following security issues:

  • CVE-2024-9138 (CVSS 4.0 Score: 8.6) – A hard-coded credentials vulnerability that may allow an authenticated user to escalate privileges to root-level access. This can lead to system compromise, unauthorized modifications, data exposure, and service disruptions.

  • CVE-2024-9140 (CVSS 4.0 Score: 9.3) – A command injection vulnerability where attackers can exploit special characters to bypass input restrictions, potentially executing unauthorized system commands.

These vulnerabilities were reported by security researcher Lars Haulin.


Impacted Products and Firmware Versions

The following Moxa devices and firmware versions are affected:

CVE-2024-9138

  • EDR-810 Series (Firmware v5.12.37 and earlier)

  • EDR-8010 Series (Firmware v3.13.1 and earlier)

  • EDR-G902 Series (Firmware v5.7.25 and earlier)

  • EDR-G9004 Series (Firmware v3.13.1 and earlier)

  • EDR-G9010 Series (Firmware v3.13.1 and earlier)

  • EDF-G1002-BP Series (Firmware v3.13.1 and earlier)

  • NAT-102 Series (Firmware v1.0.5 and earlier)

  • OnCell G4302-LTE4 Series (Firmware v3.13 and earlier)

  • TN-4900 Series (Firmware v3.13 and earlier)


CVE-2024-9140

  • EDR-8010 Series (Firmware v3.13.1 and earlier)

  • EDR-G9004 Series (Firmware v3.13.1 and earlier)

  • EDR-G9010 Series (Firmware v3.13.1 and earlier)

  • EDF-G1002-BP Series (Firmware v3.13.1 and earlier)

  • NAT-102 Series (Firmware v1.0.5 and earlier)

  • OnCell G4302-LTE4 Series (Firmware v3.13 and earlier)

  • TN-4900 Series (Firmware v3.13 and earlier)
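
The affected-version lists above can be checked against an asset inventory. The following Python is an added example, not code from Moxa or the original article; the inventory rows and model suffixes are constructed, and it assumes firmware strings of the form vX.Y[.Z].

```python
import re

# Last affected firmware per series, copied from the two lists above.
AFFECTED = {
    "CVE-2024-9138": {
        "EDR-810": "5.12.37", "EDR-8010": "3.13.1", "EDR-G902": "5.7.25",
        "EDR-G9004": "3.13.1", "EDR-G9010": "3.13.1", "EDF-G1002-BP": "3.13.1",
        "NAT-102": "1.0.5", "OnCell G4302-LTE4": "3.13", "TN-4900": "3.13",
    },
    "CVE-2024-9140": {
        "EDR-8010": "3.13.1", "EDR-G9004": "3.13.1", "EDR-G9010": "3.13.1",
        "EDF-G1002-BP": "3.13.1", "NAT-102": "1.0.5",
        "OnCell G4302-LTE4": "3.13", "TN-4900": "3.13",
    },
}

def parse_version(text):
    """'v3.13.1' -> (3, 13, 1); raises ValueError on anything else."""
    m = re.match(r"\s*[vV]?(\d+(?:\.\d+)*)", text)
    if not m:
        raise ValueError(f"unparseable firmware version: {text!r}")
    return tuple(int(p) for p in m.group(1).split("."))

def at_or_below(version, limit):
    """Compare after zero-padding, so that 3.13.0 counts as equal to 3.13."""
    width = max(len(version), len(limit))
    pad = lambda v: v + (0,) * (width - len(v))
    return pad(version) <= pad(limit)

def series_of(model, table):
    """Map a full model name to its series; 'EDR-8010-x' must not match 'EDR-810'."""
    hits = [s for s in table if model == s or model.startswith(s + "-")]
    return max(hits, key=len, default=None)

def applicable_cves(model, firmware):
    """Return the CVE ids whose affected range covers this model and firmware."""
    version, found = parse_version(firmware), []
    for cve, table in AFFECTED.items():
        series = series_of(model, table)
        if series and at_or_below(version, parse_version(table[series])):
            found.append(cve)
    return found

# Constructed inventory rows (hypothetical model suffixes and versions).
INVENTORY = [("EDR-810-2GSFP", "v5.12.30"), ("EDR-8010-2GSFP", "v3.13.0"),
             ("TN-4900-LN", "v3.13.0"), ("EDR-G9010-VPN", "v3.14")]

if __name__ == "__main__":
    for model, fw in INVENTORY:
        print(f"{model:18} {fw:10} {', '.join(applicable_cves(model, fw)) or 'not listed'}")
```
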


Available Security Patches and Fixes

Moxa has released firmware updates for the following affected devices:

  • EDR-810 Series – Upgrade to firmware v3.14 or later

  • EDR-8010 Series – Upgrade to firmware v3.14 or later

  • EDR-G902 Series – Upgrade to firmware v3.14 or later

  • EDR-G903 Series – Upgrade to firmware v3.14 or later

  • EDR-G9004 Series – Upgrade to firmware v3.14 or later

  • EDR-G9010 Series – Upgrade to firmware v3.14 or later

  • EDF-G1002-BP Series – Upgrade to firmware v3.14 or later

  • NAT-102 Series – No official patch available

  • OnCell G4302-LTE4 Series – Contact Moxa Technical Support

  • TN-4900 Series – Contact Moxa Technical Support


Mitigation Measures and Best Practices

Moxa has recommended the following security measures to mitigate potential risks:

  • Restrict Internet Exposure – Ensure that affected devices are not directly accessible from the internet.

  • Limit SSH Access – Implement firewall rules or TCP wrappers to allow SSH access only from trusted IP addresses and networks.

  • Monitor for Exploitation Attempts – Deploy intrusion detection systems (IDS) and log monitoring to detect and prevent unauthorized access.

  • Regular Security Audits – Conduct periodic vulnerability assessments to ensure compliance with security best practices.


Conclusion

With industrial networks increasingly becoming targets for cyber threats, organizations using Moxa products must take immediate action to apply available patches and implement the recommended mitigation strategies.


For further assistance, users can visit Moxa's official security advisory page or contact Moxa Technical Support.