CVE-2024-12297

Published Jan 15, 2025

Last updated a month ago

Overview

AI description

Generated using AI and has not been reviewed by Intruder. May contain errors.

CVE-2024-12297 is an authentication bypass in Moxa Ethernet switches: the EDS-508A series running firmware version 3.11 and earlier, and, under a later Moxa advisory, the PT series. The flaw is in the authorization mechanism: although verification happens both client-side and on the back-end server, weaknesses in the implementation let an attacker get past these checks. Two exploitation paths are named: brute-forcing valid credentials, and MD5 collision attacks that forge authentication hashes. Successful exploitation could give unauthorized access to sensitive configuration or disrupt service. The CVSS 4.0 vector below is worth reading closely: the attack is network-reachable with no privileges and no user interaction (AV:N, PR:N, UI:N), but Attack Requirements is Present (AT:P), so the attacker depends on conditions that are not entirely under their control. Moxa has released patches and recommends updating the firmware; where that is not yet possible, its suggested mitigations are to minimize network exposure, restrict SSH access to trusted sources, deploy intrusion detection or prevention, use firewalls and access control lists to restrict communication with the switches, and segregate operational networks from other networks.
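The description names credential brute-forcing as one exploitation path and recommends restricting SSH access to trusted sources plus intrusion detection. The following is an added example, not code from Intruder or Moxa, of the detection side of that advice: it reads syslog-style SSH authentication lines, alerts on any management login attempt from outside a trusted subnet, flags a burst of failures from one source inside a sliding window, and flags a successful login that follows such a burst. The log format (generic OpenSSH-style wording, not Moxa's actual syslog output), the trusted management subnet 10.0.1.0/24, the threshold of 5 and the sample lines are all constructed assumptions for this illustration.

```python
"""Detect SSH credential brute-forcing and untrusted management access
to a switch from syslog-style authentication lines. Added illustration;
the log format and trusted subnet are assumptions, not Moxa specifics."""
import re
from collections import defaultdict, deque
from dataclasses import dataclass
from datetime import datetime, timedelta
from ipaddress import ip_address, ip_network

# Assumption: management access is only legitimate from this subnet
# (a hypothetical management VLAN, not taken from the advisory).
TRUSTED_SOURCES = [ip_network("10.0.1.0/24")]

# Constructed sample lines in a generic OpenSSH-style format; not real
# Moxa output. One host hammers 'admin' six times and then gets in.
SAMPLE_LOGS = """\
2025-03-11T09:00:01Z switch-01 sshd: Failed password for admin from 10.0.50.7 port 50211
2025-03-11T09:00:02Z switch-01 sshd: Failed password for admin from 10.0.50.7 port 50212
2025-03-11T09:00:03Z switch-01 sshd: Failed password for admin from 10.0.50.7 port 50213
2025-03-11T09:00:04Z switch-01 sshd: Failed password for admin from 10.0.50.7 port 50214
2025-03-11T09:00:05Z switch-01 sshd: Failed password for admin from 10.0.50.7 port 50215
2025-03-11T09:00:06Z switch-01 sshd: Failed password for admin from 10.0.50.7 port 50216
2025-03-11T09:00:07Z switch-01 sshd: Accepted password for admin from 10.0.50.7 port 50217
2025-03-11T09:00:09Z switch-01 sshd: Accepted password for admin from 10.0.1.5 port 40001
2025-03-11T09:00:10Z switch-01 sshd: Failed password for admin from 10.0.1.5 port 40002
this line is not an auth event and is skipped
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<host>\S+) sshd: (?P<result>Failed|Accepted) password "
    r"for (?P<user>\S+) from (?P<src>\S+) port \d+$"
)


@dataclass
class AuthEvent:
    ts: datetime
    host: str
    result: str  # "Failed" or "Accepted"
    user: str
    src: str


def parse_line(line: str):
    """Return an AuthEvent for a matching line, or None for anything else."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    ts = datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ")
    return AuthEvent(ts, m["host"], m["result"], m["user"], m["src"])


def is_trusted(src: str) -> bool:
    """True only if src parses as an address inside a trusted subnet."""
    try:
        addr = ip_address(src)
    except ValueError:
        return False  # an unparsable source is never trusted
    return any(addr in net for net in TRUSTED_SOURCES)


def detect(lines, threshold=5, window=timedelta(seconds=60)):
    """Return a list of (kind, src, ts) alerts, one per (kind, src).

    untrusted_source     any SSH auth attempt from outside TRUSTED_SOURCES
    brute_force          >= threshold failures from one source inside window
    success_after_burst  a login accepted while that source is in a burst
    """
    alerts, seen = [], set()
    failures = defaultdict(deque)  # src -> timestamps of recent failures

    def raise_alert(kind, ev):
        if (kind, ev.src) not in seen:
            seen.add((kind, ev.src))
            alerts.append((kind, ev.src, ev.ts))

    for line in lines:
        ev = parse_line(line)
        if ev is None:
            continue
        if not is_trusted(ev.src):
            raise_alert("untrusted_source", ev)
        q = failures[ev.src]
        while q and ev.ts - q[0] > window:  # drop failures outside the window
            q.popleft()
        if ev.result == "Failed":
            q.append(ev.ts)
            if len(q) >= threshold:
                raise_alert("brute_force", ev)
        elif len(q) >= threshold:
            raise_alert("success_after_burst", ev)
    return alerts


def run_sample():
    """Run the detector over the constructed sample log."""
    return detect(SAMPLE_LOGS.splitlines())


if __name__ == "__main__":
    for kind, src, ts in run_sample():
        print(f"{ts.isoformat()} {kind:<20} {src}")
```

The allow-list check is deliberately evaluated before the failure counter: with an authentication bypass in play, a single "Accepted" from an untrusted source is the event that matters most, and a counter that only watches failures would miss it. The success_after_burst alert covers the same gap for sources that are inside the trusted range.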

Description
Moxa’s Ethernet switch is vulnerable to an authentication bypass because of flaws in its authorization mechanism. Although both client-side and back-end server verification are involved in the process, attackers can exploit weaknesses in its implementation. These vulnerabilities may enable brute-force attacks to guess valid credentials or MD5 collision attacks to forge authentication hashes, potentially compromising the security of the device.
Source
psirt@moxa.com
NVD status
Awaiting Analysis

Risk scores

CVSS 4.0

Type
Secondary
Base score
9.2
Impact score
-
Exploitability score
-
Vector string
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Severity
CRITICAL
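The Vector string field above is a CVSS v4.0 vector, which is less familiar than v3.1 and carries an Attack Requirements metric (AT) that v3.1 lacks. The following is an added decoder, not part of the Intruder page or any Moxa tooling, that validates a v4.0 vector against the metric names, allowed values and ordering of the CVSS v4.0 specification and produces a short triage summary. It deliberately does not compute the 9.2 base score, which requires the specification's MacroVector lookup table; the page's own vector is embedded as PAGE_VECTOR for the demonstration.

```python
"""Decode and validate a CVSS v4.0 vector string. Added illustration;
validates names, values and order but does not compute the score."""

# Allowed values per metric, in the order the CVSS v4.0 spec requires.
# The first eleven (AV..SA) are the mandatory Base metrics; the rest
# are Threat, Environmental and Supplemental, where X means not defined.
ALLOWED = {
    "AV": ["N", "A", "L", "P"], "AC": ["L", "H"], "AT": ["N", "P"],
    "PR": ["N", "L", "H"], "UI": ["N", "P", "A"],
    "VC": ["H", "L", "N"], "VI": ["H", "L", "N"], "VA": ["H", "L", "N"],
    "SC": ["H", "L", "N"], "SI": ["H", "L", "N"], "SA": ["H", "L", "N"],
    "E": ["X", "A", "P", "U"],
    "CR": ["X", "H", "M", "L"], "IR": ["X", "H", "M", "L"], "AR": ["X", "H", "M", "L"],
    "MAV": ["X", "N", "A", "L", "P"], "MAC": ["X", "L", "H"], "MAT": ["X", "N", "P"],
    "MPR": ["X", "N", "L", "H"], "MUI": ["X", "N", "P", "A"],
    "MVC": ["X", "H", "L", "N"], "MVI": ["X", "H", "L", "N"], "MVA": ["X", "H", "L", "N"],
    "MSC": ["X", "H", "L", "N"], "MSI": ["X", "S", "H", "L", "N"], "MSA": ["X", "S", "H", "L", "N"],
    "S": ["X", "N", "P"], "AU": ["X", "N", "Y"], "R": ["X", "A", "U", "I"],
    "V": ["X", "D", "C"], "RE": ["X", "L", "M", "H"],
    "U": ["X", "Clear", "Green", "Amber", "Red"],
}
BASE_METRICS = list(ALLOWED)[:11]
ORDER = {name: i for i, name in enumerate(ALLOWED)}

LABELS = {
    "AV": {"N": "Network", "A": "Adjacent", "L": "Local", "P": "Physical"},
    "AT": {"N": "None", "P": "Present"},
    "PR": {"N": "None", "L": "Low", "H": "High"},
    "UI": {"N": "None", "P": "Passive", "A": "Active"},
}

# The vector published on this page for CVE-2024-12297.
PAGE_VECTOR = (
    "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L"
    "/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X"
    "/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
)


def parse_cvss4(vector: str) -> dict:
    """Return {metric: value}; raise ValueError on any deviation from the spec."""
    prefix, sep, body = vector.partition("/")
    if prefix != "CVSS:4.0" or not sep:
        raise ValueError("not a CVSS v4.0 vector")
    metrics, last = {}, -1
    for component in body.split("/"):
        name, sep, value = component.partition(":")
        if not sep or name not in ALLOWED:
            raise ValueError(f"unknown or malformed component {component!r}")
        if ORDER[name] <= last:  # spec fixes the order; also catches duplicates
            raise ValueError(f"metric {name} duplicated or out of order")
        if value not in ALLOWED[name]:
            raise ValueError(f"invalid value {value!r} for {name}")
        metrics[name] = value
        last = ORDER[name]
    missing = [m for m in BASE_METRICS if m not in metrics]
    if missing:
        raise ValueError(f"missing base metrics: {missing}")
    return metrics


def is_valid_cvss4(vector: str) -> bool:
    try:
        parse_cvss4(vector)
        return True
    except ValueError:
        return False


def summarize(metrics: dict) -> dict:
    """Triage view of the Base metrics plus any non-X optional metrics."""
    b = metrics
    return {
        "attack_vector": LABELS["AV"][b["AV"]],
        "attack_requirements": LABELS["AT"][b["AT"]],
        "privileges_required": LABELS["PR"][b["PR"]],
        "user_interaction": LABELS["UI"][b["UI"]],
        "vulnerable_system_cia": (b["VC"], b["VI"], b["VA"]),
        "subsequent_system_cia": (b["SC"], b["SI"], b["SA"]),
        "unauthenticated_remote": b["AV"] == "N" and b["PR"] == "N" and b["UI"] == "N",
        "defined_non_base": {k: v for k, v in b.items() if k not in BASE_METRICS and v != "X"},
    }


if __name__ == "__main__":
    for key, val in summarize(parse_cvss4(PAGE_VECTOR)).items():
        print(f"{key:<24} {val}")
```

For this vector the summary reports an unauthenticated, network-reachable attack with full impact on the vulnerable switch (H/H/H) and low impact on subsequent systems (L/L/L), with every Threat, Environmental and Supplemental metric left undefined; the AT:P flag is the detail to carry into triage, since it signals preconditions beyond the attacker's control rather than an unconditional remote bypass.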

Weaknesses

psirt@moxa.com
CWE-656 (Reliance on Security Through Obscurity)

Social media

Hype score
Not currently trending
  1. Actively exploited CVE: CVE-2024-12297

    @transilienceai

    17 Mar 2025

    24 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  2. 📌 Taiwanese company Moxa has released a security update to fix a critical vulnerability in PT switches that allows attackers to bypass authentication safeguards. The vulnerability, known as CVE-2024-12297, is rated 9.2 out of 10 under CVSS v4. #Cybersecurity https://t.co/aTUEySiCkV

    @Cybercachear

    11 Mar 2025

    22 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. Critical Security Vulnerability (CVE-2024-12297) in Moxa PT Switches Allows Unauthorized Access https://t.co/8W4ta1I53Z #cve #vulnerability #CyberAttack https://t.co/0CJ70TVmXD

    @threatsbank

    11 Mar 2025

    50 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. ⚠️ A critical flaw (CVE-2024-12297) in Moxa PT switches could let attackers bypass authentication, with a CVSS score of 9.2/10. This could lead to unauthorized access or service disruptions. Protect your systems now: https://t.co/f9vsRhqTPj

    @TheHackersNews

    11 Mar 2025

    77118 Impressions

    45 Retweets

    98 Likes

    19 Bookmarks

    2 Replies

    1 Quote

  5. ⚠️ Vulnerability Alert: Critical Vulnerability in Moxa PT Switches Allows Unauthorized Access 📅 Timeline: Disclosure: 2025-01-15, Patch: Not available yet 📌 Attribution: 🆔cveId: CVE-2024-12297 📊baseScore: 9.2 📏cvssMetrics:… https://t.co/caB69c1sSZ

    @syedaquib77

    10 Mar 2025

    53 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  6. ==== 資安雙週報 (Security Biweekly Report, 250201) ==== On the 1st and 15th of the lunar month, besides eating vegetarian, also keep an eye on news from the security world - Shell accounts? - A common problem of startups? - CVE-2024-7344 bypass bootloader - CVE-2024-12297 bypass auth

    @PTTNetSecurity

    1 Feb 2025

    3 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    4 Replies

    0 Quotes

  7. Moxa EDS-508A Series vulnerability CVE-2024-12297 (CVSS 9.2) FIXED: mitigations for use before patching are also provided https://t.co/vko6zzWYKt The Moxa EDS-508A vulnerability CVE-2024-12297 has been fixed. Teams using it, please take note. The most recent Moxa-related article is the 2025/01/04 "Vulnerabilities in Moxa products… https://t.co/HPoqC0iGJY

    @iototsecnews

    29 Jan 2025

    70 Impressions

    2 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  8. 🚨 Moxa warns of a critical vulnerability (CVE-2024-12297) in EDS-508A Series Ethernet switches, allowing unauthorized access. A patch is available for affected devices. 🔒 #Moxa #NetworkSecurity #Taiwan link: https://t.co/ePsoe0doy8 https://t.co/zfVAdmVfBK

    @TweetThreatNews

    20 Jan 2025

    74 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  9. CVE-2024-12297 (CVSS 9.2): Critical Authorization Vulnerability in Moxa EDS-508A Series Learn about the critical vulnerability CVE-2024-12297 affecting Moxa's EDS-508A Series Ethernet switches. Discover the potential risks and how to mitigate them. https://t.co/jKwL6nGNbR

    @the_yellow_fall

    19 Jan 2025

    369 Impressions

    0 Retweets

    4 Likes

    1 Bookmark

    0 Replies

    0 Quotes

  10. New post from https://t.co/uXvPWJy6tj (CVE-2024-12297 | Moxa EDS-508A up to 3.11 reliance on security through obscurity) has been published on https://t.co/D5pKpZwbzd

    @WolfgangSesin

    15 Jan 2025

    23 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes