← back
CVE-2024-9404

Denial-of-Service Vulnerability

CVSS 6.9 MEDIUMEPSS 0.7%CWE-1287
This vulnerability could lead to denial-of-service or service crashes. Exploitation of the moxa_cmd service, because of insufficient input validation, allows attackers to disrupt operations. If exposed to public networks, the vulnerability poses a significant remote threat, potentially allowing attackers to shut down affected systems.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
Affected products
Moxa · EDS-405A SeriesMoxa · EDS-408A SeriesMoxa · EDS-505A SeriesMoxa · EDS-508A SeriesMoxa · EDS-510A SeriesMoxa · EDS-510E SeriesMoxa · EDS-516A SeriesMoxa · EDS-518A SeriesMoxa · EDS-518E SeriesMoxa · EDS-528E SeriesMoxa · EDS-608 SeriesMoxa · EDS-611 SeriesMoxa · EDS-616 SeriesMoxa · EDS-619 SeriesMoxa · EDS-G508E SeriesMoxa · EDS-G509 SeriesMoxa · EDS-G512E SeriesMoxa · EDS-G516E SeriesMoxa · EDS-P506E SeriesMoxa · EDS-P510A SeriesMoxa · EDS-P510 SeriesMoxa · ICS-G7526A SeriesMoxa · ICS-G7528A SeriesMoxa · ICS-G7748A SeriesMoxa · ICS-G7750A SeriesMoxa · ICS-G7752A SeriesMoxa · ICS-G7826A SeriesMoxa · ICS-G7828A SeriesMoxa · ICS-G7848A SeriesMoxa · ICS-G7850A SeriesMoxa · ICS-G7852A SeriesMoxa · IKS-6726A SeriesMoxa · IKS-6728A SeriesMoxa · IKS-G6524A SeriesMoxa · IKS-G6824A SeriesMoxa · PT-7728 SeriesMoxa · PT-7828 SeriesMoxa · PT-G503 SeriesMoxa · PT-G510 SeriesMoxa · SDS-3006 SeriesMoxa · SDS-3008 SeriesMoxa · SDS-3010 SeriesMoxa · SDS-3016 SeriesMoxa · SDS-G3006 SeriesMoxa · SDS-G3008 SeriesMoxa · SDS-G3010 SeriesMoxa · SDS-G3016 SeriesMoxa · VPort 07-3 Series

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.moxa.com/en/support/product-support/security-advisory/mpsa-240930-cve-2024-9404-denial-of-service-vulnerability-identified-in-the-vport-07-3-serieshttps://www.moxa.com/en/support/product-support/security-advisory/mpsa-240931-cve-2024-9404-denial-of-service-vulnerability-identified-in-multiple-eds,-ics,-iks,-and-sds-switcheshttps://www.moxa.com/en/support/product-support/security-advisory/mpsa-240933-cve-2024-9404-denial-of-service-vulnerability-identified-in-multiple-pt-switches