SUMMARY

Multiple Vulnerabilities in MXview One and MXview One Central Manager Series

This advisory details the impact of CVE-2024-6785, CVE-2024-6786, and CVE-2024-6787. These vulnerabilities enable several attacks, including exposure of local credentials and arbitrary file writes to the system via the Message Queuing Telemetry Transport (MQTT) protocol. The affected products are the MXview One and MXview One Central Manager Series.

The identified vulnerability types and potential impacts are listed below:

Item 1: CWE-313: Cleartext Storage in a File or on Disk (*CVE-2024-6785)
  Impact: The configuration file stores credentials in cleartext. An attacker with local access rights can read or modify the configuration file, potentially resulting in the service being abused because of sensitive information exposure.

Item 2: CWE-24: Path Traversal: '../filedir' (*CVE-2024-6786)
  Impact: The vulnerability allows an attacker to craft MQTT messages that include relative path traversal sequences, enabling them to read arbitrary files on the system. This could lead to the disclosure of sensitive information, such as configuration files and JWT signing secrets.

Item 3: CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition (*CVE-2024-6787)
  Impact: This vulnerability occurs when an attacker exploits a race condition between the time a file is checked and the time it is used (TOCTOU). By exploiting this race condition, an attacker can write arbitrary files to the system. This could allow the attacker to execute malicious code and potentially cause file losses.

Note: An asterisk (*) in the table above indicates newly assigned Common Vulnerabilities and Exposures (CVE) identifiers.
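As an added defender-side illustration of the two weakness classes in items 2 and 3 (this is not Moxa's code, and the MQTT topic and payload layout are assumed), the following Python shows a containment check for client-supplied relative paths (CWE-24) beside an atomic file create that removes the check-then-use window (CWE-367):

```python
import os
import tempfile
from pathlib import Path

# Constructed example: defences for a service that accepts file paths from
# MQTT clients. Topic and payload layout are assumed; this is not Moxa's code.

def is_safe_path(base: Path, client_path: str) -> bool:
    """Return True only if `client_path` stays inside `base` (CWE-24 defence).

    The candidate is canonicalised so '..' segments and symlinks are collapsed
    before the containment check; empty, absolute or NUL-bearing paths are refused.
    """
    if not client_path or "\x00" in client_path or os.path.isabs(client_path):
        return False
    root = base.resolve()
    candidate = (root / client_path).resolve()
    return candidate != root and candidate.is_relative_to(root)

def write_file_atomically(target: Path, data: bytes) -> None:
    """Create `target` with no check-then-use window (CWE-367 defence).

    O_CREAT|O_EXCL folds the existence check and the creation into one
    system call, so a file or symlink planted between a separate "exists?"
    check and the open cannot be clobbered or followed; O_NOFOLLOW adds a
    second refusal to follow symlinks where the platform supports it.
    """
    flags = os.O_WRONLY | os.O_CREAT | os.O_EXCL | getattr(os, "O_NOFOLLOW", 0)
    fd = os.open(target, flags, 0o600)
    with os.fdopen(fd, "wb") as fh:
        fh.write(data)

def demo() -> dict:
    """Exercise both defences on constructed inputs and report the outcomes."""
    results = {}
    with tempfile.TemporaryDirectory() as d:
        base = Path(d)
        results["inside"] = is_safe_path(base, "config/site.json")
        results["traversal"] = is_safe_path(base, "../../etc/passwd")
        results["nested_traversal"] = is_safe_path(base, "config/../../secret")
        results["absolute"] = is_safe_path(base, "/etc/passwd")
        target = base / "new.cfg"
        write_file_atomically(target, b"constructed sample\n")
        try:
            write_file_atomically(target, b"second write")  # target now exists
            results["overwrite_refused"] = False
        except FileExistsError:
            results["overwrite_refused"] = True
    return results
```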

Vulnerability Scoring Details

CVE-2024-6785
  CVSS 3.1 base score 5.5, vector AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N (Unauthenticated Remote Exploits: No)
  CVSS 4.0 base score 6.8, vector AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:L/SI:N/SA:N (Unauthenticated Remote Exploits: No)

CVE-2024-6786
  CVSS 3.1 base score 6.5, vector AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N (Unauthenticated Remote Exploits: No)
  CVSS 4.0 base score 6.0, vector AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N (Unauthenticated Remote Exploits: No)

CVE-2024-6787
  CVSS 3.1 base score 5.3, vector AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N (Unauthenticated Remote Exploits: No)
  CVSS 4.0 base score 6.0, vector AV:N/AC:H/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N (Unauthenticated Remote Exploits: No)

AFFECTED PRODUCTS AND SOLUTIONS

The Products Affected by CVE-2024-6785

The affected products and software versions are listed below.

MXview One Series: software version 1.3.0 and earlier versions
MXview One Central Manager Series: software version 1.0.0

The Products Affected by CVE-2024-6786 and CVE-2024-6787

The affected products and software versions are listed below.

MXview One Series: software version 1.4.0 and earlier versions

Solutions

Moxa has developed appropriate solutions to address these vulnerabilities. The solutions for the affected products are listed below.

MXview One Series: upgrade to software version 1.4.1
MXview One Central Manager Series: upgrade to software version 1.0.3

Mitigations

  • Minimize network exposure to ensure the device is not accessible from the Internet.
  • It is highly recommended to change the default credentials immediately upon your first login to the service. This helps enhance security and prevent unauthorized access.

Acknowledgment

We would like to express our appreciation to Noam Moshe of Claroty Research - Team82 for reporting the vulnerability, working with us to enhance the security of our products, and helping us provide better service to our customers.

Revision History

Version 1.0: First release (September 21, 2024)
Version 1.1: Added ICSA-24-268-05 to the References (September 26, 2024)
