CVE-2024-9138

CVSS 3.1 Score 7.2 of 10 (high)

Details

Published Jan 3, 2025

CWE ID 656

Summary

CVE-2024-9138 is a newly disclosed vulnerability that puts Moxa's cellular routers, secure routers, and network security appliances at risk. The issue revolves around hard-coded credentials, which can be exploited by authenticated users to escalate their privileges and ultimately gain root-level access to the affected systems. This vulnerability poses a significant security risk, as unauthorized users with this level of access can make substantial changes to the system configuration and potentially cause serious harm. Organizations using Moxa's impacted products are urged to update their firmware and implement strong access control measures to mitigate the threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

Moxa EDR-G903
Moxa EDR-G902

Affected Vendors

MOXA Inc.

Advisories, Assessments, and Mitigations

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Submarine Cables Face Increasing Threats Amid Geopolitical Tensions and Limited Repair Capacity

US Violent Extremists Likely Shifting Focus to Targeted Physical Threats in 2025

DRAT V2: Updated DRAT Emerges in TAG-140’s Arsenal

Know What Matters

For Customers

For Partners