Ddos 
Moxa has issued a high-severity security advisory for a newly discovered vulnerability—CVE-2024-9404—that affects its widely deployed PT-G7728 and PT-G7828 industrial Ethernet switches. This flaw could allow attackers to remotely crash or cold start the system, resulting in a denial-of-service (DoS) condition.
“Due to insufficient input validation, this service can be exploited to trigger a cold start or denial-of-service condition,” Moxa warns in its advisory.
The vulnerability exists in the moxa_cmd service, a deployment-focused feature that, when left exposed, becomes a potential vector for remote abuse. By sending specially crafted packets, unauthenticated attackers can crash the service or force a device reboot—interrupting mission-critical operations in environments such as transportation, energy, or manufacturing.
“If exposed to public networks, the vulnerability poses a significant remote threat, potentially allowing attackers to shut down affected systems,” Moxa emphasizes.
| Product Series | Firmware Versions Impacted |
|---|---|
| PT-G7728 Series | 6.5 and earlier |
| PT-G7828 Series | 6.5 and earlier |
Moxa recommends the following actions to protect affected systems:
Solutions:
- Security patches are available via Moxa Technical Support
- Users should contact Moxa directly to obtain the latest firmware
Interim Mitigation:
- Disable the “Moxa Service” and “Moxa Service (Encrypted)” if not in active use
- Limit external access to Moxa devices via firewall rules or segmentation
Related Posts:
- Moxa PT Switches Vulnerable to CVE-2024-9404 Denial-of-Service Attack
- Critical Vulnerability in Moxa PT Switches Allows Unauthorized Access
- CVE-2024-1086: Linux Kernel Vulnerability Impacts Numerous Moxa Products
- CVE-2024-7695: Moxa Patches Critical Denial-of-Service Vulnerability in PT Switches
- CVE-2025-0676: High-Severity Vulnerability Threatens Moxa Network Devices
Donate