{"id":1574258,"date":"2025-03-11T09:23:37","date_gmt":"2025-03-11T11:23:37","guid":{"rendered":"https:\/\/teknomers.com\/fr\/moxa-problemes-correction-pour-la-vulnerabilite-de-contournement-de-lauthentification-critique-dans-les-commutateurs-pt\/"},"modified":"2025-03-11T09:23:42","modified_gmt":"2025-03-11T11:23:42","slug":"moxa-problemes-correction-pour-la-vulnerabilite-de-contournement-de-lauthentification-critique-dans-les-commutateurs-pt","status":"publish","type":"post","link":"https:\/\/teknomers.com\/fr\/moxa-problemes-correction-pour-la-vulnerabilite-de-contournement-de-lauthentification-critique-dans-les-commutateurs-pt\/","title":{"rendered":"MOXA PROBL\u00c8MES Correction pour la vuln\u00e9rabilit\u00e9 de contournement de l&#8217;authentification critique dans les commutateurs PT"},"content":{"rendered":"<p> <br \/>\n<\/p>\n<div>\n<p><span class=\"p-author\"><i class=\"icon-font icon-calendar\">\ue802<\/i><span class=\"author\">11 mars 2025<\/span><i class=\"icon-font icon-user\">\ue804<\/i><span class=\"author\">Ravie Lakshmanan<\/span><\/span><span class=\"p-tags\">S\u00e9curit\u00e9 \/ vuln\u00e9rabilit\u00e9 ICS<\/span><\/p>\n<\/div>\n<div id=\"articlebody\">\n<div class=\"separator\" style=\"clear: both;\"><a rel=\"nofollow\" href=\"https:\/\/teknomers.com\/fr\/wp-content\/uploads\/2025\/03\/MOXA-PROBLEMES-Correction-pour-la-vulnerabilite-de-contournement-de-lauthentification.png\" style=\"clear: left; display: block; float: left;  text-align: center;\"><\/a><\/div>\n<p>La soci\u00e9t\u00e9 ta\u00efwanaise Moxa a publi\u00e9 une mise \u00e0 jour de s\u00e9curit\u00e9 pour aborder un d\u00e9faut de s\u00e9curit\u00e9 critique impactant ses commutateurs PT qui pourraient permettre \u00e0 un attaquant de contourner les garanties d&#8217;authentification.<\/p>\n<p>La vuln\u00e9rabilit\u00e9, suivie comme <strong>CVE-2024-12297<\/strong>a re\u00e7u un score CVSS V4 de 9,2 sur un maximum de 10,0.<\/p>\n<p>&#8220;Plusieurs commutateurs MOXA PT sont vuln\u00e9rables \u00e0 un pontage d&#8217;authentification en raison de d\u00e9fauts dans leur m\u00e9canisme d&#8217;autorisation&#8221;, la soci\u00e9t\u00e9 <a rel=\"noopener nofollow\" href=\"https:\/\/www.moxa.com\/en\/support\/product-support\/security-advisory\/mpsa-241408-cve-2024-12297-frontend-authorization-logic-disclosure-vulnerability-identified-in-pt-switches\" target=\"_blank\">dit<\/a> Dans un avis publi\u00e9 la semaine derni\u00e8re.<\/p>\n<p>&#8220;Malgr\u00e9 la v\u00e9rification du serveur c\u00f4t\u00e9 client et back-end, les attaquants peuvent exploiter les faiblesses de son impl\u00e9mentation. Cette vuln\u00e9rabilit\u00e9 peut permettre des attaques brute-force pour deviner les informations d&#8217;identification valides ou les attaques de collision MD5 pour forger des hachages d&#8217;authentification, compromettant potentiellement la s\u00e9curit\u00e9 de l&#8217;appareil.&#8221;<\/p>\n<div class=\"dog_two clear\"><center class=\"cf\"><a rel=\"nofollow noopener sponsored\" href=\"https:\/\/thehackernews.uk\/cis-securesuite\" target=\"_blank\" title=\"Cybersecurity\"><img loading=\"lazy\" decoding=\"async\" class=\"lazyload\" alt=\"Cybers\u00e9curit\u00e9\" src=\"https:\/\/teknomers.com\/fr\/wp-content\/uploads\/2025\/03\/1740818990_705_Mozilla-met-a-jour-les-termes-de-Firefox-apres-le.png\" width=\"727\" height=\"90\"\/><\/a><\/center><\/div>\n<p>Une exploitation r\u00e9ussie de la lacune, en d&#8217;autres termes, pourrait conduire \u00e0 un contournement d&#8217;authentification et permettre \u00e0 un attaquant d&#8217;obtenir un acc\u00e8s non autoris\u00e9 \u00e0 des configurations sensibles ou \u00e0 perturber les services.<\/p>\n<p>La faille a un impact sur les versions suivantes &#8211;<\/p>\n<ul>\n<li>S\u00e9rie PT-508 (version du firmware 3.8 et plus t\u00f4t)<\/li>\n<li>S\u00e9rie PT-510 (version du firmware 3.8 et plus t\u00f4t)<\/li>\n<li>S\u00e9rie PT-7528 (Firmware version 5.0 et plus t\u00f4t)<\/li>\n<li>S\u00e9rie PT-7728 (version du firmware 3.9 et plus t\u00f4t)<\/li>\n<li>S\u00e9rie PT-7828 (Firmware version 4.0 et plus t\u00f4t)<\/li>\n<li>S\u00e9rie PT-G503 (Firmware version 5.3 et plus t\u00f4t)<\/li>\n<li>S\u00e9rie PT-G510 (Firmware version 6.5 et plus t\u00f4t)<\/li>\n<li>S\u00e9rie PT-G7728 (version du firmware 6.5 et plus t\u00f4t), et<\/li>\n<li>S\u00e9rie PT-G7828 (version du firmware 6.5 et plus t\u00f4t)<\/li>\n<\/ul>\n<p>Des correctifs pour la vuln\u00e9rabilit\u00e9 peuvent \u00eatre obtenus en contactant le <a rel=\"noopener nofollow\" href=\"https:\/\/www.moxa.com\/support\/support\/technical-support\" target=\"_blank\">Support technique Moxa<\/a> \u00e9quipe. La soci\u00e9t\u00e9 a cr\u00e9dit\u00e9 Artem Turyshev de Rosatom Automated Control Systems (RASU), bas\u00e9e \u00e0 Moscou (RASU) pour avoir signal\u00e9 la vuln\u00e9rabilit\u00e9.<\/p>\n<p>En dehors de l&#8217;application des derniers correctifs, les entreprises utilisant les produits affect\u00e9s sont recommand\u00e9s pour restreindre l&#8217;acc\u00e8s au r\u00e9seau \u00e0 l&#8217;aide de pare-feu ou de listes de contr\u00f4le d&#8217;acc\u00e8s (ACL), d&#8217;appliquer la segmentation du r\u00e9seau, de minimiser l&#8217;exposition directe \u00e0 Internet, d&#8217;impl\u00e9menter l&#8217;authentification multi-facteurs (MFA) pour acc\u00e9der aux syst\u00e8mes critiques, activer le journalisation des \u00e9v\u00e9nements et surveiller le trafic du r\u00e9seau et le comportement des p\u00e9riph\u00e9riques pour les activit\u00e9s inhabituelles.<\/p>\n<p>Il convient de noter que Moxa <a rel=\"noopener nofollow\" href=\"https:\/\/www.moxa.com\/en\/support\/product-support\/security-advisory\/mpsa-241407-cve-2024-12297-frontend-authorization-logic-disclosure-vulnerability-in-eds-508a-series\" target=\"_blank\">r\u00e9solu<\/a> La m\u00eame vuln\u00e9rabilit\u00e9 dans la s\u00e9rie Ethernet Switch EDS-508A, ex\u00e9cutant le firmware version 3.11 et plus t\u00f4t, \u00e0 la mi-janvier 2025.<\/p>\n<div class=\"dog_two clear\"><center class=\"cf\"><a rel=\"nofollow noopener sponsored\" href=\"https:\/\/thehackernews.uk\/cloud-secure-d\" target=\"_blank\" title=\"Cybersecurity\"><img loading=\"lazy\" decoding=\"async\" class=\"lazyload\" alt=\"Cybers\u00e9curit\u00e9\" src=\"https:\/\/teknomers.com\/fr\/wp-content\/uploads\/2025\/03\/Mozilla-met-a-jour-les-termes-de-Firefox-apres-le.jpg\" width=\"727\" height=\"90\"\/><\/a><\/center><\/div>\n<p>Le d\u00e9veloppement intervient un peu plus de deux mois apr\u00e8s le d\u00e9placement de Moxa pour deux vuln\u00e9rabilit\u00e9s de s\u00e9curit\u00e9 ayant un impact sur ses routeurs cellulaires, ses routeurs s\u00e9curis\u00e9s et ses appareils de s\u00e9curit\u00e9 du r\u00e9seau (CVE-2024-9138 et CVE-2024-9140) qui pourraient permettre une escalade de privil\u00e8ge et une ex\u00e9cution de commande.<\/p>\n<p>Le mois dernier, il aussi <a rel=\"noopener nofollow\" href=\"https:\/\/www.moxa.com\/en\/support\/product-support\/security-advisory\/mpsa-240164-cve-2024-7695-out-of-bounds-write-vulnerability-identified-in-en-50155-switches\" target=\"_blank\">abord\u00e9<\/a> <a rel=\"noopener nofollow\" href=\"https:\/\/www.moxa.com\/en\/support\/product-support\/security-advisory\/mpsa-240163-cve-2024-7695-out-of-bounds-write-vulnerability-in-multiple-eds,-ics,-iks,-and-sds-switches\" target=\"_blank\">multiple<\/a> <a rel=\"noopener nofollow\" href=\"https:\/\/www.moxa.com\/en\/support\/product-support\/security-advisory\/mpsa-240162-cve-2024-7695-out-of-bounds-write-vulnerability-identified-in-multiple-pt-switches\" target=\"_blank\">haute s\u00e9v\u00e9rit\u00e9<\/a> <a rel=\"noopener nofollow\" href=\"https:\/\/www.moxa.com\/en\/support\/product-support\/security-advisory\/mpsa-240930-cve-2024-9404-denial-of-service-vulnerability-identified-in-the-vport-07-3-series\" target=\"_blank\">d\u00e9fauts<\/a> <a rel=\"noopener nofollow\" href=\"https:\/\/www.moxa.com\/en\/support\/product-support\/security-advisory\/mpsa-240931-cve-2024-9404-denial-of-service-vulnerability-identified-in-multiple-eds,-ics,-iks,-and-sds-switches\" target=\"_blank\">affectant<\/a> <a rel=\"noopener nofollow\" href=\"https:\/\/www.moxa.com\/en\/support\/product-support\/security-advisory\/mpsa-240933-cve-2024-9404-denial-of-service-vulnerability-identified-in-multiple-pt-switches\" target=\"_blank\">divers<\/a> <a rel=\"noopener nofollow\" href=\"https:\/\/www.moxa.com\/en\/support\/product-support\/security-advisory\/mpsa-241156-cve-2024-9137-missing-authentication-vulnerability-in-ethernet-switches\" target=\"_blank\">interrupteurs<\/a> (CVE-2024-7695, CVE-2024-9404 et CVE-2024-9137) qui pourraient entra\u00eener une attaque de d\u00e9ni de service (DOS) ou une ex\u00e9cution de commande.<\/p>\n<p><\/p>\n<div class=\"cf note-b\">Vous avez trouv\u00e9 cet article int\u00e9ressant? Suivez-nous <a rel=\"noopener nofollow\" href=\"https:\/\/twitter.com\/thehackersnews\" target=\"_blank\">Gazouillement <i class=\"icon-font icon-twitter\">\uf099<\/i><\/a>  et <a rel=\"noopener nofollow\" href=\"https:\/\/www.linkedin.com\/company\/thehackernews\/\" target=\"_blank\">Liendin<\/a> Pour lire plus de contenu exclusif que nous publions.<\/div>\n<\/div>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><br \/>\n<br \/><br \/>\n<br \/><a href=\"https:\/\/thehackernews.com\/2025\/03\/moxa-issues-fix-for-critical.html\" rel=\"nofollow noopener\" target=\"_blank\">ttn-fr-57<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>\ue80211 mars 2025\ue804Ravie LakshmananS\u00e9curit\u00e9 \/ vuln\u00e9rabilit\u00e9 ICS La soci\u00e9t\u00e9 ta\u00efwanaise Moxa a publi\u00e9 une mise \u00e0 jour de s\u00e9curit\u00e9 pour aborder un d\u00e9faut de s\u00e9curit\u00e9 critique impactant ses commutateurs PT qui pourraient permettre \u00e0 un attaquant de contourner les garanties d&#8217;authentification. La vuln\u00e9rabilit\u00e9, suivie comme CVE-2024-12297a re\u00e7u un score CVSS V4 de 9,2 sur un [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":1574259,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[274266,274265,4168,5860,20618,29836,22,79002,274264,4161,274263,6124,429,54519,65,274267,4160,271524,185,3279,238617,246491,4172,79016,4166,3667,4164],"class_list":["post-1574258","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-technologie","tag-actualites-de-piratage","tag-actualites-des-pirates","tag-comment-pirater","tag-commutateurs","tag-contournement","tag-correction","tag-critique","tag-cyber-security-news","tag-cyber-security-news-aujourdhui","tag-cyber-mises-a-jour","tag-cyber-nouvelles","tag-cyberattaques","tag-dans","tag-lauthentification","tag-les","tag-malware-ransomware","tag-mises-a-jour-de-la-cybersecurite","tag-moxa","tag-pour","tag-problemes","tag-securite-de-linformation","tag-securite-du-reseau","tag-securite-informatique","tag-the-hacker-news","tag-violation-de-donnees","tag-vulnerabilite","tag-vulnerabilite-logicielle"],"_links":{"self":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/posts\/1574258","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/comments?post=1574258"}],"version-history":[{"count":0,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/posts\/1574258\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/media\/1574259"}],"wp:attachment":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/media?parent=1574258"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/categories?post=1574258"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/tags?post=1574258"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}