Pierluigi Paganini January 07, 2025

Moxa warns of two flaws in its routers and security appliances that enable privilege escalation and remote command execution.

Moxa addressed privilege escalation and OS command injection vulnerabilities in cellular routers, secure routers, and network security appliances.

Below are the descriptions for both vulnerabilities:

• CVE-2024-9138 (CVSS 4.0 score: 8.6): This vulnerability involves hard-coded credentials, an authenticated user can trigger the vulnerability to escalate privileges and gain root-level access to the system.
• CVE-2024-9140: (CVSS 4.0 score: 9.3)An attacker can exploit this vulnerability to bypass input restrictions, potentially leading to unauthorized command execution.

Moxa released firmware updates to address vulnerabilities CVE-2024-9140 and CVE-2024-9138. Affected devices include various EDR, NAT, and OnCell series on firmware 3.13.1 and earlier. Immediate action is recommended to prevent exploitation.

The products and firmware versions affected by CVE-2024-9138 are listed below:

The products and firmware versions affected by CVE-2024-9140 are listed below:

The vendor released the following versions to address the issues:

The company recommends that customers protect the devices by minimizing network exposure, limiting SSH access to trusted IPs, and using IDS/IPS to detect and prevent exploitation attempts.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)