Moxa has issued a critical security advisory regarding CVE-2023-38408, a severe vulnerability in OpenSSH affecting multiple Ethernet switch models.
The flaw, with a CVSS 3.1 score of 9.8, allows unauthenticated remote attackers to execute arbitrary code on vulnerable devices without requiring user interaction.
CVE-2023-38408 stems from an unreliable search path in the PKCS#11 feature of OpenSSH’s ssh-agent before 9.3p2.
| CVE ID | Severity | CVSS | Vulnerability | Impact |
|---|---|---|---|---|
| CVE-2023-38408 | Critical | 9.8 | SSH agent forwarding flaw | Remote code execution |
The vulnerability (CWE-428) is classified as an unquoted search path issue, enabling remote code execution when an SSH agent is forwarded to an attacker-controlled system.
This security flaw represents an incomplete fix for the earlier CVE-2016-10009 vulnerability.
Attackers can exploit this weakness to achieve complete system compromise, including breaches of confidentiality, integrity, and availability.