OnCell G3470A-LTE Series Firmware Vulnerability

CVE-2024-4641

9.8CRITICAL

Key Information

Vendor: Moxa
Status: Oncell G3150a-lte Series
Vendor: CVE Published:; 25 June 2024

Summary

OnCell G3470A-LTE Series firmware versions v1.7.7 and prior have been identified as vulnerable due to accepting a format string from an external source as an argument. An attacker could modify an externally controlled format string to cause a memory leak and denial of service.

Affected Version(s)

OnCell G3150A-LTE Series <= 1.7.7

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published.
Jun 25, 2024
Vulnerability Reserved.
May 8, 2024

Collectors

NVD DatabaseMitre Database

Credit

Nikita Abramov from Positive Technologies