Security News > 2025 > March > Moxa Issues Fix for Critical Authentication Bypass Vulnerability in PT Switches
2025-03-11 06:45
Taiwanese company Moxa has released a security update to address a critical security flaw impacting its PT switches that could permit an attacker to bypass authentication guarantees. The vulnerability, tracked as CVE-2024-12297, has been assigned a CVSS v4 score of 9.2 out of a maximum of 10.0. "Multiple Moxa PT switches are vulnerable to an authentication bypass because of flaws in their
News URL
https://thehackernews.com/2025/03/moxa-issues-fix-for-critical.html
Related news
- Gladinet’s Triofox and CentreStack Under Active Exploitation via Critical RCE Vulnerability (source)
- Critical Apache Roller Vulnerability (CVSS 10.0) Enables Unauthorized Session Persistence (source)
- Critical Erlang/OTP SSH Vulnerability (CVSS 10.0) Allows Unauthenticated Code Execution (source)
- ASUS warns of critical auth bypass flaw in routers using AiCloud (source)
- Critical Commvault RCE vulnerability fixed, PoC available (CVE-2025-34028) (source)
- Ivanti warns of critical Neurons for ITSM auth bypass flaw (source)
- Unpatched critical bugs in Versa Concerto lead to auth bypass, RCE (source)
- Critical Windows Server 2025 dMSA Vulnerability Enables Active Directory Compromise (source)
- Over 100,000 WordPress Sites at Risk from Critical CVSS 10.0 Vulnerability in Wishlist Plugin (source)
- Hewlett Packard Enterprise warns of critical StoreOnce auth bypass (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-01-15 | CVE-2024-12297 | Moxa’s Ethernet switch is vulnerable to an authentication bypass because of flaws in its authorization mechanism. | 0.0 |