CERTFR-2024-AVI-0570
Vulnerability from certfr_avis - Published: - Updated:
Une vulnérabilité a été découverte dans les produits Moxa. Elle permet à un attaquant de provoquer une élévation de privilèges et un déni de service.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Moxa | N/A | UC-8540 Series sans les derniers correctifs de sécurité | ||
| Moxa | N/A | AIG-302 Series sans les derniers correctifs de sécurité | ||
| Moxa | N/A | DA-820C Series sans les derniers correctifs de sécurité | ||
| Moxa | N/A | EDS-G4000 Series versions antérieures à 4.1 | ||
| Moxa | N/A | UC-1200A Series sans les derniers correctifs de sécurité | ||
| Moxa | N/A | DA-682C Series sans les derniers correctifs de sécurité | ||
| Moxa | N/A | EXPC-1519 Series sans les derniers correctifs de sécurité | ||
| Moxa | N/A | UC-8100A-ME-T Series sans les derniers correctifs de sécurité | ||
| Moxa | N/A | MXsecurity versions antérieures à 2.1.0 | ||
| Moxa | N/A | UC-8200 Series sans les derniers correctifs de sécurité | ||
| Moxa | N/A | UC-2100 Series sans les derniers correctifs de sécurité | ||
| Moxa | N/A | AIG-301 Series sans les derniers correctifs de sécurité | ||
| Moxa | N/A | UC-8100-ME Series sans les derniers correctifs de sécurité | ||
| Moxa | N/A | BXP-C100 Series sans les derniers correctifs de sécurité | ||
| Moxa | N/A | MC-7400 Series sans les derniers correctifs de sécurité | ||
| Moxa | N/A | DA-681C Series sans les derniers correctifs de sécurité | ||
| Moxa | N/A | DA-720 Series sans les derniers correctifs de sécurité | ||
| Moxa | N/A | ioThinx 4530 Series sans les derniers correctifs de sécurité | ||
| Moxa | N/A | MPC-2240 Series sans les derniers correctifs de sécurité | ||
| Moxa | N/A | UC-5100 Series sans les derniers correctifs de sécurité | ||
| Moxa | N/A | ioPAC 8600 Series sans les derniers correctifs de sécurité | ||
| Moxa | N/A | MPC-2121 Series sans les derniers correctifs de sécurité | ||
| Moxa | N/A | MPC-2070 Series sans les derniers correctifs de sécurité | ||
| Moxa | N/A | UC-8410A Series sans les derniers correctifs de sécurité | ||
| Moxa | N/A | V2403C Series sans les derniers correctifs de sécurité | ||
| Moxa | N/A | MPC-2190 Series sans les derniers correctifs de sécurité | ||
| Moxa | N/A | UC-3100 Series sans les derniers correctifs de sécurité | ||
| Moxa | N/A | V2406C Series sans les derniers correctifs de sécurité | ||
| Moxa | N/A | UC-2200A Series sans les derniers correctifs de sécurité | ||
| Moxa | N/A | DRP-A100 Series sans les derniers correctifs de sécurité | ||
| Moxa | N/A | DRP-C100 Series sans les derniers correctifs de sécurité | ||
| Moxa | N/A | V2201 Series sans les derniers correctifs de sécurité | ||
| Moxa | N/A | MC-1100 Series sans les derniers correctifs de sécurité | ||
| Moxa | N/A | MPC-2101 Series sans les derniers correctifs de sécurité | ||
| Moxa | N/A | MPC-2150 Series sans les derniers correctifs de sécurité | ||
| Moxa | N/A | UC-8100 Series sans les derniers correctifs de sécurité | ||
| Moxa | N/A | EDS-4000 Series versions antérieures à 4.1 | ||
| Moxa | N/A | UC-8580 Series sans les derniers correctifs de sécurité | ||
| Moxa | N/A | MPC-2120 Series sans les derniers correctifs de sécurité | ||
| Moxa | N/A | DA-681A Series sans les derniers correctifs de sécurité |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "UC-8540 Series sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "Moxa",
"scada": true
}
}
},
{
"description": "AIG-302 Series sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "Moxa",
"scada": true
}
}
},
{
"description": "DA-820C Series sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "Moxa",
"scada": true
}
}
},
{
"description": "EDS-G4000 Series versions ant\u00e9rieures \u00e0 4.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Moxa",
"scada": true
}
}
},
{
"description": "UC-1200A Series sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "Moxa",
"scada": true
}
}
},
{
"description": "DA-682C Series sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "Moxa",
"scada": true
}
}
},
{
"description": "EXPC-1519 Series sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "Moxa",
"scada": true
}
}
},
{
"description": "UC-8100A-ME-T Series sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "Moxa",
"scada": true
}
}
},
{
"description": "MXsecurity versions ant\u00e9rieures \u00e0 2.1.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Moxa",
"scada": true
}
}
},
{
"description": "UC-8200 Series sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "Moxa",
"scada": true
}
}
},
{
"description": "UC-2100 Series sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "Moxa",
"scada": true
}
}
},
{
"description": "AIG-301 Series sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "Moxa",
"scada": true
}
}
},
{
"description": "UC-8100-ME Series sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "Moxa",
"scada": true
}
}
},
{
"description": "BXP-C100 Series sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "Moxa",
"scada": true
}
}
},
{
"description": "MC-7400 Series sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "Moxa",
"scada": true
}
}
},
{
"description": "DA-681C Series sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "Moxa",
"scada": true
}
}
},
{
"description": "DA-720 Series sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "Moxa",
"scada": true
}
}
},
{
"description": "ioThinx 4530 Series sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "Moxa",
"scada": true
}
}
},
{
"description": "MPC-2240 Series sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "Moxa",
"scada": true
}
}
},
{
"description": "UC-5100 Series sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "Moxa",
"scada": true
}
}
},
{
"description": "ioPAC 8600 Series sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "Moxa",
"scada": true
}
}
},
{
"description": "MPC-2121 Series sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "Moxa",
"scada": true
}
}
},
{
"description": "MPC-2070 Series sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "Moxa",
"scada": true
}
}
},
{
"description": "UC-8410A Series sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "Moxa",
"scada": true
}
}
},
{
"description": "V2403C Series sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "Moxa",
"scada": true
}
}
},
{
"description": "MPC-2190 Series sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "Moxa",
"scada": true
}
}
},
{
"description": "UC-3100 Series sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "Moxa",
"scada": true
}
}
},
{
"description": "V2406C Series sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "Moxa",
"scada": true
}
}
},
{
"description": "UC-2200A Series sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "Moxa",
"scada": true
}
}
},
{
"description": "DRP-A100 Series sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "Moxa",
"scada": true
}
}
},
{
"description": "DRP-C100 Series sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "Moxa",
"scada": true
}
}
},
{
"description": "V2201 Series sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "Moxa",
"scada": true
}
}
},
{
"description": "MC-1100 Series sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "Moxa",
"scada": true
}
}
},
{
"description": "MPC-2101 Series sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "Moxa",
"scada": true
}
}
},
{
"description": "MPC-2150 Series sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "Moxa",
"scada": true
}
}
},
{
"description": "UC-8100 Series sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "Moxa",
"scada": true
}
}
},
{
"description": "EDS-4000 Series versions ant\u00e9rieures \u00e0 4.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Moxa",
"scada": true
}
}
},
{
"description": "UC-8580 Series sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "Moxa",
"scada": true
}
}
},
{
"description": "MPC-2120 Series sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "Moxa",
"scada": true
}
}
},
{
"description": "DA-681A Series sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "Moxa",
"scada": true
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-1086",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1086"
}
],
"links": [],
"reference": "CERTFR-2024-AVI-0570",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-07-11T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans les produits Moxa. Elle permet \u00e0 un attaquant de provoquer une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service.",
"title": "Vuln\u00e9rabilit\u00e9 dans les produits Moxa",
"vendor_advisories": [
{
"published_at": "2024-07-10",
"title": "Bulletin de s\u00e9curit\u00e9 Moxa mpsa-249807",
"url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-249807-multiple-moxa-product-series-affected-by-linux-kernel-memory-double-free-vulnerability"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…