CVE-2024-9138

Name of the Vulnerable Software and Affected Versions Moxa EDR-810 versions prior to the fixed version Moxa EDR-8010 versions prior to the fixed version Moxa EDR-G902 versions prior to the fixed version Moxa EDR-G903 versions prior to the fixed version Moxa EDR-G9004 versions prior to the fixed version Moxa EDR-G9010 versions prior to the fixed version Moxa EDF-G1002-BP versions prior to the fixed version Moxa NAT-102 versions prior to the fixed version Moxa OnCell G4302-LTE4 versions prior to the fixed version Moxa TN-4900 versions prior to the fixed version

Description The issue is related to the use of weak protection mechanisms and hard-coded credentials in Moxa devices, allowing an authenticated user to escalate privileges and gain root-level access to the system. This poses a significant security risk. The vulnerability may be exploited by a remote attacker.

Recommendations For Moxa EDR-810, upgrade to the latest firmware version. For Moxa EDR-8010, upgrade to the latest firmware version. For Moxa EDR-G902, upgrade to the latest firmware version. For Moxa EDR-G903, upgrade to the latest firmware version. For Moxa EDR-G9004, upgrade to the latest firmware version. For Moxa EDR-G9010, upgrade to the latest firmware version. For Moxa EDF-G1002-BP, upgrade to the latest firmware version. For Moxa NAT-102, restrict SSH access. For Moxa OnCell G4302-LTE4, upgrade to the latest firmware version. For Moxa TN-4900, upgrade to the latest firmware version.