Moxa Warns Of Critical Authorization Vulnerability In Eds-508a Series Ethernet Switches
Thumbnail
Summary: Moxa has issued a security advisory for CVE-2024-12297, a critical vulnerability (CVSS 9.2) in its EDS-508A Series Ethernet switches that affects firmware version 3.11 and earlier. This vulnerability allows attackers to bypass authentication, potentially gaining unauthorized access to sensitive configurations or disrupting operations. Moxa has provided a security patch and recommended mitigations to protect affected devices.

Threat Actor: Cybercriminals | Cybercriminals
Victim: Moxa | Moxa

Keypoints :

  • Vulnerability CVE-2024-12297 allows unauthenticated remote exploits on EDS-508A Series switches.
  • Attackers can use brute-force and MD5 collision attacks to bypass security controls.
  • Moxa recommends restricting network access and deploying IDS/IPS for mitigation.

Source: https://securityonline.info/cve-2024-12297-cvss-9-2-critical-authorization-vulnerability-in-moxa-eds-508a-series/