Vulnerability in Moxa Eds-508a Series

CVE-2024-12297

Moxa’s Ethernet switch is vulnerable to an authentication bypass because of flaws in its authorization mechanism. Although both client-side and back-end server verification are involved in the process, attackers can exploit weaknesses in i…

EPSS: 0.002 (45.4th percentile) — read the EPSS interpretation.

Affected products

Moxa Eds-508a Series — versions 1.0
Moxa Pt-508 Series — versions 1.0
Moxa Pt-510 Series — versions 1.0
Moxa Pt-7528 Series — versions 1.0
Moxa Pt-7728 Series — versions 1.0
Moxa Pt-7828 Series — versions 1.0
Moxa Pt-g503 Series — versions 1.0
Moxa Pt-g510 Series — versions 1.0
Moxa Pt-g7728 Series — versions 1.0
Moxa Pt-g7828 Series — versions 1.0

Weakness classification (CWE)

CWE-656

References

www.moxa.com/en/support/product-support/security-advisory/mpsa-241407-cve-2024-… (vendor-advisory)
www.moxa.com/en/support/product-support/security-advisory/mpsa-241408-cve-2024-… (vendor-advisory)