Taiwan’s Moxa has warned of two security vulnerabilities affecting cellular routers, secure routers, and network security devices that could allow elevation of privilege and command execution.
The list of vulnerabilities is as follows –
- CVE-2024-9138 (CVSS v4.0 score: 8.6) – A hard-coded credential vulnerability that could allow an authenticated user to elevate privileges and gain root access to the system, leading to system compromise, unauthorized modification, data disclosure, or service failure
- CVE-2024-9140 (CVSS v4.0 score: 9.3) – An input-validation flaw that allows attackers to use special characters to bypass input restrictions, which could lead to unauthorized command execution
The vulnerabilities, reported by security researcher Lars Howlin, affect the following products and firmware versions –
- CVE-2024-9138
  - EDR-810 series (firmware version 5.12.37 and earlier)
  - EDR-8010 series (firmware version 3.13.1 and earlier)
  - EDR-G902 series (firmware version 5.7.25 and earlier)
  - EDR-G9004 series (firmware version 3.13.1 and earlier)
  - EDR-G9010 series (firmware version 3.13.1 and earlier)
  - EDF-G1002-BP series (firmware version 3.13.1 and earlier)
  - NAT-102 series (firmware version 1.0.5 and earlier)
  - OnCell G4302-LTE4 series (firmware version 3.13 and earlier)
  - TN-4900 series (firmware version 3.13 and earlier)
- CVE-2024-9140
  - EDR-8010 series (firmware version 3.13.1 and earlier)
  - EDR-G9004 series (firmware version 3.13.1 and earlier)
  - EDR-G9010 series (firmware version 3.13.1 and earlier)
  - EDF-G1002-BP series (firmware version 3.13.1 and earlier)
  - NAT-102 series (firmware version 1.0.5 and earlier)
  - OnCell G4302-LTE4 series (firmware version 3.13 and earlier)
  - TN-4900 series (firmware version 3.13 and earlier)
Patches are available for the following products –
- EDR-810 series (upgrade to firmware version 3.14 or later)
- EDR-8010 series (upgrade to firmware version 3.14 or later)
- EDR-G902 series (upgrade to firmware version 3.14 or later)
- EDR-G903 series (upgrade to firmware version 3.14 or later)
- EDR-G9004 series (upgrade to firmware version 3.14 or later)
- EDR-G9010 series (upgrade to firmware version 3.14 or later)
- EDF-G1002-BP series (upgrade to firmware version 3.14 or later)
- NAT-102 series (no official patch)
- OnCell G4302-LTE4 series (contact Moxa Technical Support)
- TN-4900 series (contact Moxa Technical Support)
As mitigation measures, it is recommended to ensure that the devices are not exposed to the Internet, to limit SSH access to trusted IP addresses and networks using firewall rules or TCP wrappers, and to put measures in place to detect and block exploitation attempts.
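The following is an added example, not code from Moxa or from the article, showing one way to apply the two network-level mitigations above from a defender's side: it generates an nftables ruleset for a Linux firewall placed in front of the routers that only forwards TCP/22 from trusted management ranges, and it scans forwarded syslog lines for SSH logins that reached a device from outside those ranges. The trusted ranges, the interface name, the host name and the log lines are all constructed for the example; it is also an assumption that the devices' forwarded logs use a format comparable to OpenSSH's "Accepted/Failed ... from ... port ..." lines, so adjust the regular expression to whatever your collector actually receives.

```python
"""Added example (not Moxa's or the article's code): restrict SSH to trusted
ranges with nftables and flag SSH logins from anywhere else."""
import ipaddress
import re

# Hypothetical trusted management ranges (IPv4); substitute your own.
TRUSTED_NETWORKS = ["10.20.0.0/24", "192.168.100.0/24"]

# Constructed sample: syslog lines forwarded from a device to a collector.
# The wording follows the common OpenSSH format; it is an assumption that
# the devices log in a comparable form.
SAMPLE_LOG = """\
Jan 10 09:12:01 edr-g9010 sshd[1201]: Accepted password for admin from 10.20.0.15 port 51022 ssh2
Jan 10 09:13:44 edr-g9010 sshd[1209]: Failed password for root from 203.0.113.77 port 44012 ssh2
Jan 10 09:13:49 edr-g9010 sshd[1209]: Failed password for root from 203.0.113.77 port 44013 ssh2
Jan 10 09:20:05 edr-g9010 sshd[1230]: Accepted password for admin from 198.51.100.9 port 40001 ssh2
Jan 10 09:21:00 edr-g9010 cron[77]: session opened for user root
"""

SSH_EVENT = re.compile(
    r"sshd\[\d+\]: (?P<result>Accepted|Failed) \w+ for (?:invalid user )?"
    r"(?P<user>\S+) from (?P<ip>[0-9a-fA-F.:]+) port (?P<port>\d+)"
)


def nft_ssh_allowlist(trusted, iface="eth0"):
    """Return an nftables ruleset for the firewall in front of the devices:
    forward TCP/22 only when the source is in a trusted range and drop the
    rest. iface is the interface facing the untrusted side."""
    nets = [str(ipaddress.ip_network(n)) for n in trusted]
    allow = ", ".join(nets)
    return (
        "table inet moxa_ssh {\n"
        "  chain forward {\n"
        "    type filter hook forward priority 0; policy accept;\n"
        f"    iifname \"{iface}\" tcp dport 22 ip saddr {{ {allow} }} accept\n"
        f"    iifname \"{iface}\" tcp dport 22 drop\n"
        "  }\n"
        "}\n"
    )


def flag_untrusted_ssh(log_text, trusted):
    """Parse sshd lines and return (ip, user, result) for every SSH event
    whose source lies outside the trusted ranges. An 'Accepted' entry from
    an untrusted address is the one to investigate first."""
    nets = [ipaddress.ip_network(n) for n in trusted]
    findings = []
    for line in log_text.splitlines():
        m = SSH_EVENT.search(line)
        if not m:
            continue  # not an SSH authentication event
        ip = ipaddress.ip_address(m["ip"])
        if any(ip in net for net in nets):
            continue  # expected management traffic
        findings.append((m["ip"], m["user"], m["result"]))
    return findings


if __name__ == "__main__":
    print(nft_ssh_allowlist(TRUSTED_NETWORKS))
    for ip, user, result in flag_untrusted_ssh(SAMPLE_LOG, TRUSTED_NETWORKS):
        print(f"{result:8} {user:6} from {ip}")
```

Load the generated ruleset with `nft -f` on the perimeter host; the explicit `drop` for port 22 matters because the chain policy is `accept`, so without it the allow rule alone would change nothing. The log scan is deliberately narrow (only sshd lines, only trusted-range membership) so it can run on a collector without any device-specific tooling; a successful login from an untrusted address on a device still running an affected firmware version should be treated as a possible compromise of the root account that CVE-2024-9138 exposes.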