Attacker Value

Unknown

(0 users assessed)

Exploitability

Unknown

(0 users assessed)

User Interaction

Unknown

Privileges Required

Unknown

Attack Vector

Unknown

CVE-2024-9404

Disclosure Date: December 04, 2024 •

CVE-2024-9404

MITRE ATT&CK

Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

This vulnerability could lead to denial-of-service or service crashes. Exploitation of the moxa_cmd service, because of insufficient input validation, allows attackers to disrupt operations. If exposed to public networks, the vulnerability poses a significant remote threat, potentially allowing attackers to shut down affected systems.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics

Data provided by the National Vulnerability Database (NVD)

Base Score:

None

Impact Score:

Unknown

Exploitability Score:

Unknown

Vector:

Unknown

Attack Vector (AV):

Unknown

Attack Complexity (AC):

Unknown

Privileges Required (PR):

Unknown

User Interaction (UI):

Unknown

Scope (S):

Unknown

Confidentiality (C):

Unknown

Integrity (I):

Unknown

Availability (A):

Unknown

General Information

Offensive Application

Unknown

Utility Class

Unknown

Ports

Unknown

Vulnerable Versions

VPort 07-3 Series 1.0

EDS-608 Series 3.12

EDS-611 Series 3.12

EDS-616 Series 3.12

EDS-619 Series 3.12

EDS-405A Series 3.14

EDS-408A Series 3.12

EDS-505A Series 3.11

EDS-508A Series 3.11

EDS-510A Series 3.12

EDS-516A Series 3.11

EDS-518A Series 3.11

EDS-G509 Series 3.10

EDS-P510 Series 3.11

EDS-P510A Series 3.11

EDS-510E Series 5.5

EDS-518E Series 6.3

EDS-528E Series 6.3

EDS-G508E Series 6.4

EDS-G512E Series 6.4

EDS-G516E Series 6.4

EDS-P506E Series 5.8

ICS-G7526A Series 5.10

ICS-G7528A Series 5.10

ICS-G7748A Series 5.9

ICS-G7750A Series 5.9

ICS-G7752A Series 5.9

ICS-G7826A Series 5.10

ICS-G7828A Series 5.10

ICS-G7848A Series 5.9

ICS-G7850A Series 5.9

ICS-G7852A Series 5.9

IKS-G6524A Series 5.10

IKS-6726A Series 5.9

IKS-6728A Series 5.9

IKS-G6824A Series 5.10

SDS-3006 Series 3.0

SDS-3008 Series 3.0

SDS-3010 Series 3.0

SDS-3016 Series 3.0

SDS-G3006 Series 3.0

SDS-G3008 Series 3.0

SDS-G3010 Series 3.0

SDS-G3016 Series 3.0

PT-7728 Series 3.9

PT-7828 Series 4.0

PT-G503 Series 5.3

PT-G510 Series 6.5

Prerequisites

Unknown

Discovered By

Unknown

PoC Author

Unknown

Metasploit Module

Unknown

Reporter

Unknown

Vendors

Moxa

Products

References

Canonical

CVE-2024-9404 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9404)

Miscellaneous

https://www.moxa.com/en/support/product-support/security-advisory/mpsa-240930-cve-2024-9404-denial-of-service-vulnerability-identified-in-the-vport-07-3-series

https://www.moxa.com/en/support/product-support/security-advisory/mpsa-240931-cve-2024-9404-denial-of-service-vulnerability-identified-in-multiple-eds,-ics,-iks,-and-sds-switches

https://www.moxa.com/en/support/product-support/security-advisory/mpsa-240933-cve-2024-9404-denial-of-service-vulnerability-identified-in-multiple-pt-switches

Rapid7

Unknown

CVE-2024-9404

Unknown

Unknown

Unknown

Unknown

Unknown

CVE-2024-9404

Description

Add Assessment

CVSS V3 Severity and Metrics

General Information

Vendors

Products

References

Canonical

Miscellaneous

Additional Info

Technical Analysis

Unknown

CVE-2024-9404

Unknown

Unknown

Unknown

Unknown

Unknown

CVE-2024-9404

Description

Add Assessment

CVSS V3 Severity and Metrics

General Information

Vendors

Products

References

Canonical

Miscellaneous

Additional Info

Technical Analysis

Quick Cookie Notification