January 6, 2025 By Bill Toulas
Industrial networking and communications provider Moxa is warning of a high-severity and a critical vulnerability that impact various models of its cellular routers, secure routers, and network security appliances.
The two security issues allow remote attackers to gain root privileges on vulnerable devices and to execute arbitrary commands, which can lead to arbitrary code execution.
Risks on Moxa routers
Moxa devices are used in industrial automation and control systems across the transportation, utilities and energy, and telecommunications sectors.
On Friday, the vendor issued an urgent warning for the following two vulnerabilities:
CVE-2024-9138 (8.6, high severity score): Hard-coded credentials that enable authenticated users to escalate privileges to root
CVE-2024-9140 (9.3, critical severity score): OS command injection flaw caused by improper input restrictions, leading to arbitrary code execution
The second flaw is particularly dangerous because it can be exploited by remote attackers.
Moxa has released firmware updates that address the vulnerabilities and notes that "immediate action is strongly recommended to prevent potential exploitation and mitigate these risks."
The following devices are impacted by both CVE-2024-9140 and CVE-2024-9138:
- EDR-8010 Series on firmware 3.13.1 and earlier
- EDR-G9004 Series on firmware 3.13.1 and earlier
- EDR-G9010 Series on firmware 3.13.1 and earlier
- EDF-G1002-BP Series on firmware 3.13.1 and earlier
- NAT-102 Series on firmware 1.0.5 and earlier
- OnCell G4302-LTE4 Series on firmware 3.13 and earlier
- TN-4900 Series on firmware 3.13 and earlier
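As an added example (not Moxa's tooling and not part of the original article), the following Python script turns the affected-firmware list above into an inventory check. The series names and version ceilings are transcribed from that list; the inventory records are constructed. The detail a practitioner needs to get right is numeric version comparison: compared as strings, "3.9" sorts after "3.13", so a vulnerable OnCell unit would look patched. The script also fails closed when a firmware string cannot be parsed, and it does not treat a series absent from this advisory as safe.

```python
"""
Inventory check against the Moxa affected-firmware list above.
Added example, not Moxa's own tooling. The inventory records below are constructed.
"""
import re
from typing import Dict, List, Optional, Tuple

# Highest affected firmware per series, transcribed from the advisory list above.
# Every series here is affected by both CVE-2024-9138 and CVE-2024-9140.
LAST_AFFECTED: Dict[str, str] = {
    "EDR-8010": "3.13.1",
    "EDR-G9004": "3.13.1",
    "EDR-G9010": "3.13.1",
    "EDF-G1002-BP": "3.13.1",
    "NAT-102": "1.0.5",
    "OnCell G4302-LTE4": "3.13",
    "TN-4900": "3.13",
}

# Leading dotted version, with an optional "v" prefix; trailing build strings are ignored.
_VERSION_RE = re.compile(r"^\s*v?(\d+(?:\.\d+)*)")


def parse_version(text: str) -> Optional[Tuple[int, ...]]:
    """Extract the leading dotted version as a tuple of ints.

    '3.13.1' -> (3, 13, 1); 'v1.0.5 build 23120110' -> (1, 0, 5).
    Tuples compare numerically, which is the point: as strings '3.9' > '3.13'.
    Returns None when no version can be read so the caller can fail closed.
    """
    m = _VERSION_RE.match(text)
    if not m:
        return None
    return tuple(int(p) for p in m.group(1).split("."))


def assess(series: str, firmware: str) -> str:
    """Classify one device as 'affected', 'not_affected', 'unknown_series' or 'unparseable'.

    'not_affected' only means the firmware is above the listed ceiling; confirm the
    actual fixed build against Moxa's advisory. 'unknown_series' means the series is
    not on this advisory, not that the device is safe.
    """
    ceiling = LAST_AFFECTED.get(series)
    if ceiling is None:
        return "unknown_series"
    current = parse_version(firmware)
    if current is None:
        return "unparseable"  # fail closed: needs manual review
    return "affected" if current <= parse_version(ceiling) else "not_affected"


def triage(inventory: List[Dict[str, str]]) -> Dict[str, List[str]]:
    """Group device names by assessment so the affected ones can be scheduled first."""
    groups: Dict[str, List[str]] = {
        "affected": [], "not_affected": [], "unknown_series": [], "unparseable": [],
    }
    for dev in inventory:
        groups[assess(dev["series"], dev["firmware"])].append(dev["name"])
    return groups


# Constructed sample inventory (hypothetical device names, not real assets).
SAMPLE_INVENTORY: List[Dict[str, str]] = [
    {"name": "substation-rtr-01", "series": "EDR-G9010", "firmware": "3.13.1"},
    {"name": "substation-rtr-02", "series": "EDR-G9010", "firmware": "3.14"},
    {"name": "pump-house-cell-01", "series": "OnCell G4302-LTE4", "firmware": "3.9"},
    {"name": "pump-house-cell-02", "series": "OnCell G4302-LTE4", "firmware": "3.13.1"},
    {"name": "site-nat-01", "series": "NAT-102", "firmware": "v1.0.5 build 23120110"},
    {"name": "site-nat-02", "series": "NAT-102", "firmware": "unknown"},
    {"name": "core-sw-01", "series": "EDS-4000", "firmware": "3.2"},
]

if __name__ == "__main__":
    for status, names in triage(SAMPLE_INVENTORY).items():
        print(f"{status:15s} {', '.join(names) or '-'}")
```

Run it as-is to see the constructed inventory triaged; in practice, feed `triage()` records exported from your asset inventory with the series and firmware fields filled in, and treat anything in the `unparseable` bucket as affected until someone has looked at the device.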