2025-01-07

Taiwan-based Moxa has warned of two security vulnerabilities impacting its cellular routers, secure routers, and network security appliances that could allow privilege escalation and command execution.

The list of vulnerabilities is as follows -

CVE-2024-9138 (CVSS 4.0 score: 8.6) - A hard-coded credentials vulnerability that could allow an authenticated user to escalate privileges and gain root-level access to the system, leading to system compromise, unauthorized modifications, data exposure, or service disruption

The shortcomings, reported by security researcher Lars Haulin, affect the below products and firmware versions -

CVE-2024-9138 - EDR-810 Series (Firmware version 5.12.37 and earlier), EDR-8010 Series (Firmware version 3.13.1 and earlier), EDR-G902 Series (Firmware version 5.7.25 and earlier), EDR-G9004 Series (Firmware version 3.13.1 and earlier), EDR-G9010 Series (Firmware version 3.13.1 and earlier), EDF-G1002-BP Series (Firmware version 3.13.1 and earlier), NAT-102 Series (Firmware version 1.0.5 and earlier), OnCell G4302-LTE4 Series (Firmware version 3.13 and earlier), and TN-4900 Series (Firmware version 3.13 and earlier)

Patches have been made available for the following versions -

EDR-810 Series (Upgrade to firmware version 3.14 or later)

EDR-8010 Series (Upgrade to firmware version 3.14 or later)

EDR-G902 Series (Upgrade to firmware version 3.14 or later)

EDR-G903 Series (Upgrade to firmware version 3.14 or later)

EDR-G9004 Series (Upgrade to firmware version 3.14 or later)

EDR-G9010 Series (Upgrade to firmware version 3.14 or later)

EDF-G1002-BP Series (Upgrade to firmware version 3.14 or later)

NAT-102 Series (No official patch available)

OnCell G4302-LTE4 Series (Please contact Moxa Technical Support)

TN-4900 Series (Please contact Moxa Technical Support)

As mitigations, it's recommended to ensure that devices are not exposed to the internet, limit SSH access to trusted IP addresses and networks using firewall rules or TCP wrappers, and implement measures to detect and prevent exploitation attempts.
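To check an asset inventory against the affected firmware versions listed above, a triage script along these lines can be used. It is an added example, not code from Moxa or from the original article; the CSV column names, hostnames and the EXAMPLE-9000 series are constructed, and only series whose affected version appears in the article are included.

```python
import csv
import io

# Highest affected firmware per series for CVE-2024-9138, as listed in the article.
AFFECTED_MAX = {
    "EDR-810": "5.12.37", "EDR-8010": "3.13.1", "EDR-G902": "5.7.25",
    "EDR-G9004": "3.13.1", "EDR-G9010": "3.13.1", "EDF-G1002-BP": "3.13.1",
    "NAT-102": "1.0.5", "OnCell G4302-LTE4": "3.13", "TN-4900": "3.13",
}
# Series for which the article lists no firmware upgrade.
NO_UPGRADE = {
    "NAT-102": "no official patch; apply mitigations",
    "OnCell G4302-LTE4": "contact Moxa Technical Support",
    "TN-4900": "contact Moxa Technical Support",
}

def parse_version(text):
    """'3.13.1' -> (3, 13, 1); tolerates a leading 'v'."""
    return tuple(int(p) for p in text.strip().lstrip("vV").split("."))

def is_affected(series, firmware):
    """True/False for a listed series, None if the series is not in the article."""
    if series not in AFFECTED_MAX:
        return None
    have, limit = parse_version(firmware), parse_version(AFFECTED_MAX[series])
    width = max(len(have), len(limit))  # pad so that 3.13 compares equal to 3.13.0
    return have + (0,) * (width - len(have)) <= limit + (0,) * (width - len(limit))

def triage(inventory_csv):
    """Return (host, series, firmware, action) for every affected device."""
    findings = []
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        if is_affected(row["series"], row["firmware"]):
            action = NO_UPGRADE.get(row["series"], "upgrade firmware per the advisory")
            findings.append((row["host"], row["series"], row["firmware"], action))
    return findings

# Constructed sample inventory (hostnames and versions are made up).
SAMPLE = """host,series,firmware
rtr-plant-01,EDR-8010,3.13.1
rtr-plant-02,EDR-8010,3.14
nat-line-03,NAT-102,1.0.5
cell-yard-04,OnCell G4302-LTE4,3.13.0
misc-lab-05,EXAMPLE-9000,3.8
"""

if __name__ == "__main__":
    for finding in triage(SAMPLE):
        print(*finding, sep="\t")
```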