CVE Radar Logo
CVERadar
CVE Radar Logo
CVERadar

CVE-2024-9140

Medium Severity
SVRS
30/100
CVSSv3
NA/10
EPSS
0.0046/1

CVE-2024-9140 is a critical vulnerability affecting Moxa routers and network appliances. This OS command injection flaw allows attackers to execute arbitrary code due to improperly restricted commands. With an SVRS of 30, while not immediately critical, this vulnerability requires monitoring. The relatively low SVRS suggests limited exploitation in the wild or limited association with active threat actors at this time. Exploitation of CVE-2024-9140 could lead to complete system compromise. Organizations using affected Moxa devices should apply available patches or mitigations promptly to prevent potential security breaches. Failure to address this vulnerability could result in significant operational disruptions and data compromise. The presence of the "In The Wild" tag indicates that exploitation has been observed.

TAGS
In The Wild
VECTOR STRING
PUBLICATION DATE2025-01-03
LAST MODIFIED2025-01-03
Eye Icon
SOCRadar
AI Insight

Description

CVE-2024-9140 affects Moxa's cellular routers, secure routers, and network security appliances. This critical vulnerability allows OS command injection due to improperly restricted commands, enabling attackers to potentially execute arbitrary code. While the CVSS score is 9.8, the SOCRadar Vulnerability Risk Score (SVRS) is 56, suggesting a moderate level of urgency. This discrepancy highlights the importance of considering various factors beyond just the CVSS score when assessing risk.

Key Insights

  • Remote Code Execution: The vulnerability enables attackers to execute arbitrary code remotely, allowing them to gain control of the affected devices.
  • Wide Impact: This vulnerability impacts a range of Moxa products, potentially affecting critical infrastructure and industrial control systems.
  • Active Exploitation: The "In The Wild" tag indicates that this vulnerability is actively exploited by hackers.
  • Threat Actors: Although specific threat actors haven't been publicly identified, the vulnerability's nature and active exploitation suggest potential interest from various malicious groups.

Mitigation Strategies

  1. Apply Security Patches: Immediately apply the latest security patches and firmware updates from Moxa to address CVE-2024-9140.
  2. Network Segmentation: Implement network segmentation to limit the potential impact of a compromise.
  3. Intrusion Detection Systems (IDS): Configure intrusion detection systems to monitor network traffic for malicious activity and potential exploitation attempts.
  4. Access Control Restrictions: Implement strict access control restrictions to limit access to sensitive systems and configurations.

Additional Information

If users have additional queries regarding this incident, they can use the 'Ask to Analyst' feature, contact SOCRadar directly, or open a support ticket for more information if necessary.

Indicators of Compromise

No IOCs found for this CVE

Exploits

No exploits found for this CVE

Enhance Your CVE Management with SOCRadar Vulnerability Intelligence
Get comprehensive CVE details, real-time notifications, and proactive threat management all in one platform.
CREATE FREE ACCOUNT
CVE Details
Access comprehensive CVE information instantly
Real-time Tracking
Subscribe to CVEs and get instant updates
Exploit Analysis
Monitor related APT groups and threats
IOC Tracking
Analyze and track CVE-related IOCs

News

Moxa Issues Fix for Critical Authentication Bypass Vulnerability in PT Switches
Ajit Jasrotia2025-03-11
Moxa Issues Fix for Critical Authentication Bypass Vulnerability in PT Switches | Taiwanese company Moxa has released a security update to address a critical security flaw impacting its PT switches that could permit an attacker to bypass authentication guarantees. The vulnerability, tracked as CVE-2024-12297, has been assigned a CVSS v4 score of 9.2 out of a maximum of 10.0. &#8220;Multiple Moxa PT switches are vulnerable to an [&#8230;] The post Moxa Issues Fix for Critical Authentication Bypass Vulnerability in PT Switches<
allhackernews.com
rss
forum
news
⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [13 January] - The Hacker News
2025-01-13
⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [13 January] - The Hacker News | News Content: The cyber world’s been buzzing this week, and it’s all about staying ahead of the bad guys. From sneaky software bugs to advanced hacking tricks, the risks are real, but so are the ways to protect yourself. In this recap, we’ll break down what’s happening, why it matters, and what you can do to stay secure. Let’s turn awareness into action and keep one step ahead of the threats. ⚡ Threat of the Week Critical Ivanti Flaw Comes Under Exploitation
google.com
rss
forum
news
⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [13 January]
Ajit Jasrotia2025-01-13
⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [13 January] | The cyber world’s been buzzing this week, and it’s all about staying ahead of the bad guys. From sneaky software bugs to advanced hacking tricks, the risks are real, but so are the ways to protect yourself. In this recap, we’ll break down what’s happening, why it matters, and what you can do to stay [&#8230;] The post ⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [13 January
allhackernews.com
rss
forum
news
⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [13 January] - The Hacker News
2025-01-13
⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [13 January] - The Hacker News | News Content: The cyber world’s been buzzing this week, and it’s all about staying ahead of the bad guys. From sneaky software bugs to advanced hacking tricks, the risks are real, but so are the ways to protect yourself. In this recap, we’ll break down what’s happening, why it matters, and what you can do to stay secure. Let’s turn awareness into action and keep one step ahead of the threats. ⚡ Threat of the Week Critical Ivanti Flaw Comes Under Exploitation
google.com
rss
forum
news
Moxa router flaws pose serious risks to industrial environmets
Pierluigi Paganini2025-01-07
Moxa router flaws pose serious risks to industrial environmets | Moxa warns of two flaws in its routers and security appliances that enable privilege escalation and remote command execution. Moxa addressed privilege escalation and OS command injection vulnerabilities in cellular routers, secure routers, and network security appliances. Below are the descriptions for both vulnerabilities: Moxa released firmware updates to address vulnerabilities CVE-2024-9140 and CVE-2024-9138. Affected [&#8230;] Moxa warns of two flaws in
securityaffairs.co
rss
forum
news
Moxa issues alert on High-Severity Router Vulnerabilities
Priyanka R2025-01-07
Moxa issues alert on High-Severity Router Vulnerabilities | Taiwan-based Moxa has issued a security warning regarding two significant vulnerabilities in its cellular routers, secure routers, and network security appliances. These flaws, if exploited, could lead to privilege escalation and unauthorized command execution, posing a serious threat to users&#8217; systems. Vulnerabilities Overview CVE-2024-9138 (CVSS 4.0 score: 8.6) A hard-coded credentials vulnerability that allows authenticated users to escalate privileges and gain root-level access, potentially compromising the system, exposing data, or causing service disruptions. CVE-2024-9140 (CVSS 4.0 score: 9.3) A command execution
cybersafe.news
rss
forum
news
Industrial networking manufacturer Moxa reports ‘critical’ router bugs
djohnson2025-01-06
Industrial networking manufacturer Moxa reports ‘critical’ router bugs | Moxa says the flaws can be used to bypass user authentication, escalate privileges and gain root access to devices. The post Industrial networking manufacturer Moxa reports &#8216;critical&#8217; router bugs appeared first on CyberScoop.Firmware in cellular routers, secure routers and network security appliances made by Moxa are vulnerable to a pair of high severity bugs that
cyberscoop.com
rss
forum
news

Social Media

**CVE-2024-9140** (CVSS 9.3) enables attackers to bypass input restrictions and execute unauthorized commands. Impacted products include the EDR, NAT, and OnCell series with firmware versions 3.13.1 and earlier. Patches are available for most devices, except the NAT-102 and
1
0
0
Industrial networking device maker Moxa released patches for two bugs in its cellular routers, secure routers, and network security appliances. One of the bugs — CVE-2024-9140 — was a critical 9.3 flaw. #cybersecurity #infosec #ITsecurity https://t.co/m5wQlO9kR8
0
0
0
SCMagazine: Industrial networking device maker Moxa released patches for two bugs in its cellular routers, secure routers, and network security appliances. One of the bugs — CVE-2024-9140 — was a critical 9.3 flaw. #cybersecurity #infosec #ITsecurity https://t.co/SnF3EDtalg
0
0
2
💡 Ivanti Zero-Day: Analysis, Mitigation, and Context Security researchers have confirmed active exploitation of a zero-day vulnerability in Ivanti Connect Secure VPN, Policy Secure, and ZTA Gateways since December 2024. 🚨 CVE-2024-9140 CVSS 9.0 Critical: A buffer overflow https://t.co/LupA6AK3JF
0
1
2
🚨 High-Severity Flaws in Moxa Routers (CVE-2024-9138 &amp; CVE-2024-9140) 🚨 Two critical vulnerabilities risk privilege escalation &amp; command execution in Moxa routers. Firmware patches available for most affected devices: 🛠️ Patch Details: Upgrade to Firmware 3.14 or later:
0
0
0
Warning: Critical vulnerabilities in #Moxa routers and network security appliances. #CVE-2024-9138 CVSS: 7.2. This vulnerability could allow an authenticated user to gain root-level access. #CVE-2024-9140 CVSS: 9.8. An attacker could exploit it to perform #RCE! #Patch #Patch
0
0
0
leading to system compromise, unauthorized modifications, data exposure, or service disruption CVE-2024-9140 (CVSS 4.0 score: 9.3) - A vulnerability allows attackers to exploit special characters to bypass input restrictions, potentially leading to unauthorized command execution
0
0
0
Two high-severity vulnerabilities (CVE-2024-9138 &amp; CVE-2024-9140) have been discovered in #Moxa’s network appliances, commonly used in critical industries like energy, transportation, and manufacturing. These vulnerabilities pose risks of root-level privilege escalation and https://t.co/D57yhFeyQ6
0
0
0
⚠️ Moxa alerts users of critical vulnerabilities in cellular routers! CVE-2024-9138 allows privilege escalation, while CVE-2024-9140 enables unauthorized command execution. Immediate patching needed! #Moxa #VulnerabilityAlert #USA #CybersecurityNews link: https://t.co/aN6qAHj3Dq https://t.co/wON1n6XHj7
0
0
0
🚨 Two vulnerabilities (CVE-2024-9138, CVE-2024-9140) impact Moxa's routers, with CVSS scores of 8.6 and 9.3—allowing root access and unauthorized command execution. 🔑 Patch to version 3.14+ immediately. ➡️ Find out now: https://t.co/UPwx8XVL1A
3
17
22

Affected Software

No affected software found for this CVE

References

ReferenceLink
[email protected]https://www.moxa.com/en/support/product-support/security-advisory/mpsa-241155-privilege-escalation-and-os-command-injection-vulnerabilities-in-cellular-routers,-secure-routers,-and-netwo

CWE Details

CWE IDCWE NameDescription
CWE-78Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')The software constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.

CVE Radar

Real-time CVE Intelligence & Vulnerability Management Platform

CVE Radar provides comprehensive vulnerability intelligence by monitoring CVE databases, security advisories, and threat feeds. Get instant updates on new vulnerabilities, exploit details, and mitigation strategies specific to your assets.

Get Free Vulnerability Intelligence AccessAccess real-time CVE monitoring, exploit analysis, and threat intelligence