OTPulse
FeedAboutContact

Moxa MXsecurity Series Multiple Vulnerabilities

Monitor5.3MPSA-231878Oct 18, 2024
Summary

MXsecurity Series version 1.1.0 and prior contain two vulnerabilities: (1) CVE-2024-4739: Lack of access restriction allows an attacker who obtains a valid authenticator to pose as an authorized user and access protected resources. (2) CVE-2024-4740: Hard-coded credentials embedded in the software could allow an attacker to authenticate without legitimate credentials and tamper with sensitive data. Both vulnerabilities are remotely exploitable and have a CVSS score of 5.3 (medium severity).

What this means
What could happen
An attacker who obtains valid authentication credentials or exploits hard-coded credentials in MXsecurity could access sensitive data and configuration, potentially allowing unauthorized changes to security settings or monitoring functions in the device.
Who's at risk
Organizations operating Moxa MXsecurity Series devices should care, particularly those using them for network edge security, VPN, or secure communications in industrial and critical infrastructure environments. This includes water authorities, electric utilities, and manufacturing facilities that rely on Moxa hardware for secure remote access or device management.
How it could be exploited
An attacker can either intercept and reuse valid authenticator tokens (CVE-2024-4739) or leverage hard-coded credentials embedded in the software (CVE-2024-4740) to authenticate to the MXsecurity device remotely. Once authenticated, the attacker gains access to protected resources and sensitive data.
Prerequisites
  • Network access to MXsecurity device
  • Valid authentication credentials or ability to discover/reuse authenticator tokens
  • For CVE-2024-4740: knowledge of hard-coded credentials (if discoverable in firmware or documentation)
remotely exploitableno authentication required (CVE-2024-4739)low complexityno patch availablehard-coded credentials present
Exploitability
Low exploit probability (EPSS 0.5%)
Affected products (1)
ProductAffected VersionsFix Status
MXsecurity Series Multiple VulnerabilitiesAll versionsNo fix (EOL)
Remediation & Mitigation
0/4
Do now
0/1
WORKAROUNDRestrict network access to MXsecurity devices using firewall rules; allow only trusted management stations or networks to reach the device
Schedule — requires maintenance window
0/1

Patching may require device reboot — plan for process interruption

HOTFIXContact Moxa support to determine if patches or workarounds are available; no vendor fix has been announced for MXsecurity v1.1.0 and prior
Mitigations - no patch available
0/2
MXsecurity Series Multiple Vulnerabilities has reached End of Life. The vendor will not release a patch. Apply the following compensating controls:
HARDENINGSegment MXsecurity devices onto a dedicated management network isolated from production systems and untrusted networks
HARDENINGImplement strong access controls and credential management; ensure authentication tokens are not logged, cached, or transmitted in plaintext
View full Moxa Security advisory
↑↓ Navigate · Esc Close
API: /api/v1/advisories/9849cc72-924a-42fb-bbd2-dcf2f1c8fd0f
Moxa MXsecurity Series Multiple Vulnerabilities | CVSS 5.3 - OTPulse