Security vulnerabilities: Backdoor compromises industrial router from Moxa
Among other things, important security updates close a critical gap in Moxa routers. However, the patch has not yet been released for one model.
Admins of Moxa routers should update their devices to the latest version as soon as possible. The developers have closed two security gaps in the latest firmware versions. Without the updates, attackers could gain root access or get malicious code onto devices.
Dangerous security vulnerabilities
The manufacturer's routers are used in industrial environments, such as the energy sector. As a result, successful attacks can have serious consequences. In a warning message, Moxa states that the developers have closed two vulnerabilities (CVE-2024-9138 "high", CVE-2024-9140 "critical").
If attackers exploit the first vulnerability, they can gain unauthorized access with root privileges using hardcoded credentials. In such a position, they can completely compromise devices. It can be assumed that attackers can spread further into networks from there.
Patch now!
The second vulnerability allows malicious code to reach devices due to insufficient input validation. In a warning message, the developers list the affected models and vulnerable firmware versions. Version 3.14 is protected against the attacks described.
Anyone using routers from the OnCell G4302-LTE4 series must contact support for a security patch. There is not yet a security update for the NAT-102 series. At this point, administrators must secure devices using an interim solution. To do this, they must ensure that the router is not accessible via the Internet. In addition, access should be restricted to known IP addresses. It is not yet known when the patch will be released.
(des)