AI description
CVE-2024-12297 is an authentication bypass vulnerability affecting Moxa PT switches and EDS-508A series running firmware version 3.11 and earlier. The vulnerability exists due to flaws in the authorization mechanism. While both client-side and back-end server verification are implemented, weaknesses exist that allow attackers to bypass these checks. Attackers may exploit this vulnerability through brute-force attacks to guess credentials or MD5 collision attacks to forge authentication hashes. Successful exploitation could allow unauthorized access to sensitive configurations or disruption of services. Moxa has released patches to address this vulnerability and recommends users update their firmware or apply suggested mitigation steps. These mitigations include minimizing network exposure, limiting SSH access to trusted sources, and implementing intrusion detection or prevention systems. Additional mitigations include using firewalls and access control lists to restrict communication and segregating operational networks from other networks.
- Description
- Moxa’s Ethernet switch is vulnerable to an authentication bypass because of flaws in its authorization mechanism. Although both client-side and back-end server verification are involved in the process, attackers can exploit weaknesses in its implementation. These vulnerabilities may enable brute-force attacks to guess valid credentials or MD5 collision attacks to forge authentication hashes, potentially compromising the security of the device.
- Source
- psirt@moxa.com
- NVD status
- Awaiting Analysis
CVSS 4.0
- Type
- Secondary
- Base score
- 9.2
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- CRITICAL
- psirt@moxa.com
- CWE-656
- Hype score
- Not currently trending
Actively exploited CVE : CVE-2024-12297
@transilienceai
17 Mar 2025
24 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
📌 أصدرت شركة موكسا التايوانية تحديثًا أمنيًا لعلاج ثغرة حرجة في محولات PT، مما يسمح للمهاجمين بتجاوز ضمانات المصادقة. تم تصنيف الثغرة، المعروفة باسم CVE-2024-12297، بدرجة 9.2 من 10 وفقًا لنظام CVSS v4. #الامن_السيبراني https://t.co/aTUEySiCkV
@Cybercachear
11 Mar 2025
22 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Critical Security Vulnerability (CVE-2024-12297) in Moxa PT Switches Allows Unauthorized Access https://t.co/8W4ta1I53Z #cve #vulnerability #CyberAttack https://t.co/0CJ70TVmXD
@threatsbank
11 Mar 2025
50 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️ A critical flaw (CVE-2024-12297) in Moxa PT switches could let attackers bypass authentication, with a CVSS score of 9.2/10. This could lead to unauthorized access or service disruptions. Protect your systems now: https://t.co/f9vsRhqTPj
@TheHackersNews
11 Mar 2025
77118 Impressions
45 Retweets
98 Likes
19 Bookmarks
2 Replies
1 Quote
"⚠️ Vulnerability Alert: Critical Vulnerability in Moxa PT Switches Allows Unauthorized Access 📅 Timeline: Disclosure: 2025-01-15, Patch: Not available yet 📌 Attribution: 🆔cveId: CVE-2024-12297 📊baseScore: 9.2 📏cvssMetrics:… https://t.co/caB69c1sSZ
@syedaquib77
10 Mar 2025
53 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
==== 資安雙週報 (250201) ==== 初一十五除了呷菜喔外 也要關心一下安全圈的消息 - 空殼帳號? - 新創公司的通病? - CVE-2024-7344 bypass bootloader - CVE-2024-12297 bypass auth
@PTTNetSecurity
1 Feb 2025
3 Impressions
0 Retweets
0 Likes
0 Bookmarks
4 Replies
0 Quotes
Moxa EDS-508A Series の脆弱性 CVE-2024-12297 (CVSS 9.2) が FIX:パッチ適用前の緩和策も提供 https://t.co/vko6zzWYKt Moxa EDS-508A の脆弱性 CVE-2024-12297 が FIX しました。ご利用のチームは、ご注意ください。Moxa 関連の直近の記事は、2025/01/04 の「Moxa 製品の脆弱性… https://t.co/HPoqC0iGJY
@iototsecnews
29 Jan 2025
70 Impressions
2 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🚨 Moxa warns of a critical vulnerability (CVE-2024-12297) in EDS-508A Series Ethernet switches, allowing unauthorized access. A patch is available for affected devices. 🔒 #Moxa #NetworkSecurity #Taiwan link: https://t.co/ePsoe0doy8 https://t.co/zfVAdmVfBK
@TweetThreatNews
20 Jan 2025
74 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-12297 (CVSS 9.2): Critical Authorization Vulnerability in Moxa EDS-508A Series Learn about the critical vulnerability CVE-2024-12297 affecting Moxa's EDS-508A Series Ethernet switches. Discover the potential risks and how to mitigate them. https://t.co/jKwL6nGNbR
@the_yellow_fall
19 Jan 2025
369 Impressions
0 Retweets
4 Likes
1 Bookmark
0 Replies
0 Quotes
New post from https://t.co/uXvPWJy6tj (CVE-2024-12297 | Moxa EDS-508A up to 3.11 reliance on security through obscurity) has been published on https://t.co/D5pKpZwbzd
@WolfgangSesin
15 Jan 2025
23 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes