CVE-2024-9138

CVSS 3.1 Score 7.2 of 10 (high)

Details

Published Jan 3, 2025
CWE ID 656

Summary

CVE-2024-9138 is a newly disclosed high-severity vulnerability that impacts Moxa's cellular routers, secure routers, and network security appliances. This issue is caused by hard-coded credentials that allow an authenticated user to escalate privileges and gain root-level access to the affected systems, posing a substantial security risk. An attacker who successfully exploits this vulnerability can compromise the entire network, potentially leading to data theft, unauthorized access, or system damage. Users are strongly urged to apply the upcoming patches or updates from Moxa to mitigate this risk as soon as they become available.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Moxa EDR-G903
  • Moxa EDR-G902

Affected Vendors

  • MOXA Inc.