Moxa

A critical flaw in Moxa’s industrial Ethernet switches, CVE-2024-12297, risks compromising device integrity allowing unauthorized access to sensitive industrial systems. Successful exploitation could result in full administrative access, network segmentation breaches, traffic interception, and disruption of critical infrastructure operations such as power grids and manufacturing plants. The vulnerability exhibits high exploitable potential due to its network attack vector and low attack complexity. Moxa has issued firmware patches to mitigate the flaw, and authorities like the UAE Cyber Security Council have emphasized the importance of patching against the backdrop of potential severe impacts in critical sectors like oil, gas, and transportation.

Source: https://cybersecuritynews.com/moxa-industrial-ethernet-switches-vulnerability/

"id": "mox225031025",
"linkid": "moxa",
"type": "Vulnerability",
"date": "3/2025",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"