Search for an article

Select a plan

Choose a plan from below, subscribe, and get access to our exclusive articles!

Monthly plan

$
13
$
0
billed monthly

Yearly plan

$
100
$
0
billed yearly

All plans include

  • Donec sagittis elementum
  • Cras tempor massa
  • Mauris eget nulla ut
  • Maecenas nec mollis
  • Donec feugiat rhoncus
  • Sed tristique laoreet
  • Fusce luctus quis urna
  • In eu nulla vehicula
  • Duis eu luctus metus
  • Maecenas consectetur
  • Vivamus mauris purus
  • Aenean neque ipsum
Customize Consent Preferences

We use cookies to help you navigate efficiently and perform certain functions. You will find detailed information about all cookies under each consent category below.

The cookies that are categorized as "Necessary" are stored on your browser as they are essential for enabling the basic functionalities of the site. ... 

Always Active

Necessary cookies are required to enable the basic features of this site, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data.

No cookies to display.

Functional cookies help perform certain functionalities like sharing the content of the website on social media platforms, collecting feedback, and other third-party features.

No cookies to display.

Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.

No cookies to display.

Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.

No cookies to display.

Advertisement cookies are used to provide visitors with customized advertisements based on the pages you visited previously and to analyze the effectiveness of the ad campaigns.

No cookies to display.

HomeMalware & ThreatsMoxa Devices at Risk of Cyberattacks, Putting Industrial Networks in Danger

Moxa Devices at Risk of Cyberattacks, Putting Industrial Networks in Danger

Published on

spot_img

Moxa, a leading provider of industrial networking devices, has issued a security advisory warning users of critical vulnerabilities that could potentially expose critical infrastructure to cyberattacks. The affected models, including EDR and TN series routers commonly used in industrial automation, energy, and telecommunications, are at risk of privilege escalation and OS command injection.

The identified vulnerabilities, labeled as CVE-2024-9138 and CVE-2024-9140, pose significant threats to operational systems. CVE-2024-9138 involves hard-coded credentials that could allow an authenticated user to escalate privileges and gain root-level access, while CVE-2024-9140 allows attackers to bypass input restrictions using special characters, potentially leading to unauthorized command execution.

In response to these vulnerabilities, Moxa has urged immediate action to prevent exploitation and mitigate the risks. The company has released firmware updates for several affected models and advised users to upgrade to the latest firmware version to address the vulnerabilities effectively.

For the EDR-810 Series, EDR-8010 Series, EDR-G902 Series, EDR-G903 Series, EDR-G9004 Series, EDR-G9010 Series, and EDF-G1002-BP Series, users are advised to upgrade to firmware version 3.14 or later. However, for the OnCell G4302-LTE4 Series and the TN-4900 Series, users are instructed to contact Moxa’s Technical Support for security patches.

Unfortunately, there is no official patch available for the NAT-102 Series at the moment. In such cases, Moxa recommends implementing mitigations measures, such as minimizing network exposure, restricting SSH access to trusted IP addresses, and deploying IDS or IPS systems to detect and prevent exploitation attempts.

The potential impact of these vulnerabilities, including system compromise, unauthorized modifications, data exposure, and service disruption, underscores the importance of immediate action by industrial operators. Unpatched devices could serve as entry points for advanced persistent threats (APTs), posing a severe risk to essential services.

Industrial operators are strongly encouraged to review their systems, apply updates, and adopt additional protective measures to enhance cybersecurity defenses. Isolating vulnerable devices, deploying firewalls, and implementing network monitoring tools can help safeguard industrial networks against potential cyberattacks.

In conclusion, the discovery of critical vulnerabilities in Moxa’s industrial networking devices serves as a reminder of the constant threat posed by cyberattacks to critical infrastructure. By taking immediate action to address these vulnerabilities and strengthen cybersecurity defenses, industrial operators can mitigate the risks and protect their systems from potential exploitation.

Source link

Latest articles

Why HR running your employee security training may not be the best approach

In the realm of cybersecurity, collaboration among various departments is key to ensuring the...

Cyber Relief: Odisha Police Return Over ₹1.91 Crore to Scam Victims at Bhubaneswar Fair – Deccan Herald

In a heartwarming gesture, the Odisha Police returned a staggering sum of ₹1.91 crore...

Elon Musk Allegedly Involved in Money Laundering for Criminals, FBI Investigation Reveals

The tiny post office situated across from a Baptist Church in a rural town...

CISA Identifies New Vulnerabilities: CVE-2025-30406 and CVE-2025-29824

The recent update to the Known Exploited Vulnerabilities (KEV) Catalog by the Cybersecurity and...

More like this

Why HR running your employee security training may not be the best approach

In the realm of cybersecurity, collaboration among various departments is key to ensuring the...

Cyber Relief: Odisha Police Return Over ₹1.91 Crore to Scam Victims at Bhubaneswar Fair – Deccan Herald

In a heartwarming gesture, the Odisha Police returned a staggering sum of ₹1.91 crore...

Elon Musk Allegedly Involved in Money Laundering for Criminals, FBI Investigation Reveals

The tiny post office situated across from a Baptist Church in a rural town...