
Moxa has released a security update addressing a critical vulnerability (CVE-2024-12297) in its PT switches that could allow attackers to bypass authentication. The flaw received a severe CVSS v4 score of 9.2 out of 10.0.
“Multiple Moxa PT switches are vulnerable to an authentication bypass because of flaws in their authorization mechanism,” Moxa stated in its advisory. Although the devices perform both client-side and back-end verification, weaknesses in the implementation could enable brute-force attacks or MD5 collision attacks to forge authentication hashes.
Successful exploitation could give unauthorized access to sensitive configurations or disrupt services across multiple affected product lines, including:
– PT-508 Series (Firmware ≤ 3.8)
– PT-510 Series (Firmware ≤ 3.8)
– PT-7528 Series (Firmware ≤ 5.0)
– PT-7728 Series (Firmware ≤ 3.9)
– PT-7828 Series (Firmware ≤ 4.0)
– PT-G503 Series (Firmware ≤ 5.3)
– PT-G510, PT-G7728, PT-G7828 Series (Firmware ≤ 6.5)
Patches are available through Moxa Technical Support. The vulnerability was reported by Artem Turyshev from Rosatom Automated Control Systems (RASU).
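To check a switch inventory against the affected list above, the following added example (not code from Moxa or the advisory) classifies each device by series and firmware. The CSV layout, hostnames, model suffixes and status names are assumptions; firmware above the listed threshold is reported only as outside the affected range.

```python
import csv
import io
import re

# Highest affected firmware per series, copied from the list in the article.
AFFECTED = {
    "PT-508": (3, 8), "PT-510": (3, 8), "PT-7528": (5, 0),
    "PT-7728": (3, 9), "PT-7828": (4, 0), "PT-G503": (5, 3),
    "PT-G510": (6, 5), "PT-G7728": (6, 5), "PT-G7828": (6, 5),
}

# Constructed sample inventory (hostnames and model suffixes are made up).
SAMPLE_INVENTORY = """host,model,firmware
sw-sub1-01,PT-7528-24TX,v5.0
sw-sub1-02,PT-7728,3.10
sw-sub2-01,PT-G510,6.4
sw-sub2-02,PT-508-MM,3.8.0
sw-yard-01,PT-G503,unknown
sw-yard-02,EDS-510A,3.8
"""

def parse_version(text):
    """Turn 'v3.10' or '3.8' into a tuple of ints; None if unparseable."""
    m = re.fullmatch(r"[vV]?(\d+(?:\.\d+)*)", text.strip())
    return tuple(int(p) for p in m.group(1).split(".")) if m else None

def triage(model, firmware):
    """Classify one device against the affected list."""
    model = model.strip().upper()
    # Assumption: a model string is the series name, optionally plus '-suffix'.
    series = next((s for s in AFFECTED
                   if model == s or model.startswith(s + "-")), None)
    if series is None:
        return "not-listed"
    version = parse_version(firmware)
    if version is None:
        return "unknown-version"  # cannot rule it out: check by hand
    limit = AFFECTED[series]
    width = max(len(version), len(limit))
    pad = lambda v: v + (0,) * (width - len(v))  # 3.8 == 3.8.0
    # Numeric compare: 3.10 is newer than 3.9 (a string compare gets this wrong).
    return "affected" if pad(version) <= pad(limit) else "above-affected-range"

def scan(inventory_csv):
    """Return {host: status} for a CSV with host, model, firmware columns."""
    rows = csv.DictReader(io.StringIO(inventory_csv))
    return {r["host"]: triage(r["model"], r["firmware"]) for r in rows}

if __name__ == "__main__":
    for host, status in scan(SAMPLE_INVENTORY).items():
        print(f"{host:12} {status}")
```

Devices reported as `unknown-version` should be treated as affected until the firmware is confirmed on the device itself.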
Recommended security measures include:
– Applying the latest patches
– Restricting network access with firewalls/ACLs
– Implementing network segmentation
– Minimizing internet exposure
– Enabling multi-factor authentication
– Monitoring for unusual activities
This update follows Moxa’s earlier patches for similar vulnerabilities in other products, including the EDS-508A Series in January 2025 and fixes for cellular routers and network security appliances in recent months.