Multiple Moxa Product Series Affected by Linux Kernel Memory Double Free Vulnerability

Moxa Security Advisory

Multiple Moxa product series are affected by the Linux kernel memory double free vulnerability. A use-after-free vulnerability in the Linux kernel’s netfilter: nf_tables component could be exploited to achieve a system crash and local privilege escalation.

The identified vulnerability types and potential impacts are shown below:

Item
Vulnerability Type
Impact

1

Use After Free (CWE-416)

CVE-2024-1086

An attacker could exploit the vulnerability to achieve local privilege escalation or cause a system crash

Vulnerability Scoring Details 

ID

CVSS

Vector

Unauthenticated Remote Exploit

CVE-2024-1086

7.8

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
No

READ MORE