[Cybersecurity Vulnerability Notice] Moxa

KJ Intelligent Corp. 4F. 5A, No. 7, Sec. 3, New Taipei Blvd., Xinzhuang Dist., New Taipei City 242032 , Taiwan (R.O.C.)

【雲智維資安預警通知】漏洞分享 - Microsoft Edge 多個漏洞 Microsoft Edge 存在多個漏洞，允許遠端攻擊者利用這些漏洞，於目標系統觸發遠端執行任意程式碼、阻斷服務狀況、篡改及敏感資料洩露，其影響系統或版本如下：受影響之系統/漏洞描述： Microsoft Edge Stable Channel 134.0.3124.66 之前的版本建議改善措施：企業及使用者如有上述漏洞版本應儘速更新：請更新至 Microsoft Edge Stable Channel 134.0.3124.66 或之後的版本。情資報告連結：https://learn.microsoft.com/en-us/deployedge/microsoft-edge-relnotes-security#march-12-2025https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-1920https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-2135https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-2136https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-2137https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24201https://support.apple.com/en-us/122285 https://www.kjintelligent.com/en/hot_511898.html [Cybersecurity Vulnerability Notice] Microsoft Edge 2025-03-18 2026-03-18

KJ Intelligent Corp. 4F. 5A, No. 7, Sec. 3, New Taipei Blvd., Xinzhuang Dist., New Taipei City 242032 , Taiwan (R.O.C.) https://www.kjintelligent.com/en/hot_511898.html

KJ Intelligent Corp. 4F. 5A, No. 7, Sec. 3, New Taipei Blvd., Xinzhuang Dist., New Taipei City 242032 , Taiwan (R.O.C.) https://www.kjintelligent.com/en/hot_511898.html

https://schema.org/EventMovedOnline https://schema.org/OfflineEventAttendanceMode

2025-03-18 http://schema.org/InStock TWD 0 https://www.kjintelligent.com/en/hot_511898.html

Home Hot News Information Security [Cybersecurity Vulnerability Notice] Moxa [2024-10-18]

【雲智維資安預警通知】

漏洞分享 - Moxa路由器存在未經授權存取和操作系統命令注入漏洞
Moxa 旗下部分行動通訊路由器、安全路由器、網路設備存在高風險漏洞CVE-2024-9137、CVE-2024-9139，並指出這些漏洞有可能導致未經授權存取或是系統損壞的情況。

CVE-2024-9137影響之產品下：

EDR-8010 Series Firmware version 3.12.1 and earlier versions
EDR-G9004 Seires Firmware version 3.12.1 and earlier versions
EDR-G9010 Series Firmware version 3.12.1 and earlier versions
EDR-G1002-BP Series Firmware version 3.12.1 and earlier versions
NAT-102 Series Firmware version 1.0.5 and earlier versions
OnCell G4302-LTE4 Series Firmware version 3.9 and earlier versions
TN-4900 Series Firmware version 3.6 and earlier versions

CVE-2024-9139:影響之產品如下：

EDR-8010 Series Firmware version 3.12.1 and earlier versions
EDR-G9004 Seires Firmware version 3.12.1 and earlier versions
EDR-G9010 Series Firmware version 3.12.1 and earlier versions
EDF-G1002-BP Series Firmware version 3.12.1 and earlier versions
NAT-102 Series Firmware version 1.0.5 and earlier versions
OnCell G4302-LTE4 Series Firmware version 3.9 and earlier versions
TN-4900 Series Firmware version 3.6 and earlier versions

建議改善措施：

1. 企業及使用者如有上述漏洞版本應儘速更新至以下版本：

EDR-8010 Series Upgrade to the firmware version 3.13

EDR-G9004 Series Upgrade to the firmware version 3.13

EDR-G9010 Series Upgrade to the firmware version 3.13

EDF-G1002-BP Series Upgrade to the firmware version 3.13

NAT-102 Series Please contact Moxa Technical Support for the security patch

OnCell G4302-LTE4 Series Upgrade to the firmware version 3.13

TN-4900 Series Upgrade to the firmware version 3.13

2. 對於無法即時套用新版韌體的企業組織，緩解措施建議減少裝置曝露於網際網路、透過防火牆限制存取(白名單)，以及採用入侵偵測系統（IDS）、入侵防禦系統（IPS）來偵測及防範漏洞利用的情況。

情資報告連結：https://www.moxa.com/en/support/product-support/security-advisory/mpsa-241154-missing-authentication-and-os-command-injection-vulnerabilities-in-routers-and-network-security-appliances

Previous Back to List Next