Summary: Moxa has issued a security advisory for a critical denial-of-service (DoS) vulnerability, tracked as CVE-2024-9404, affecting several models of its PT switches. This vulnerability, resulting from insufficient input validation in the moxa_cmd service, could allow attackers to disrupt operations by causing system crashes. Moxa has provided security patches for the affected models and recommends disabling the Moxa service as a temporary mitigation measure.
Affected: Moxa PT Switches
Keypoints :
- Vulnerability CVE-2024-9404 has a CVSS score of 7.5.
- Affected models include PT-7728, PT-7828, PT-G503, and PT-G510 series with specified firmware versions.
- Security patches are available, and users should contact Moxa Technical Support for assistance.
- Disabling the Moxa service is advised as a temporary mitigation until patches are applied.
Source: https://securityonline.info/moxa-pt-switches-vulnerable-to-cve-2024-9404-denial-of-service-attack/