The Products Affected by CVE-2024-6785
The affected products and software versions are listed below.
Product Series |
Affected Versions |
MXview One Series |
Software version 1.3.0 and earlier versions |
MXview One Central Manager Series |
Software version 1.0.0 |
The Products Affected by CVE-2024-6786 and CVE-2024-6787
The affected products and software versions are listed below.
Product Series |
Affected Versions |
MXview One Series |
Software version 1.4.0 and earlier versions |
Solutions
Moxa has developed appropriate solutions to address these vulnerabilities. The solutions for the affected products are listed below.
Mitigations
- Minimize network exposure to ensure the device is not accessible from the Internet.
- It is highly recommended to change the default credentials immediately upon your first login to the service. This helps enhance security and prevent unauthorized access.
Acknowledgment
We would like to express our appreciation to Noam Moshe of Claroty Research - Team82 for reporting the vulnerability, working with us to enhance the security of our products, and helping us provide better service to our customers.
Revision History
VERSION |
DESCRIPTION |
RELEASE DATE |
1.0 |
First release |
September 21, 2024 |
1.1 |
Add ICSA-24-268-05 in Reference |
September 26, 2024 |