The vulnerability of the microprogramming software used in industrial LTE modems of the Moxa OnCell G3150A-LTE, OnCell G3470A-LTE, and WDR-3124A series, as well as the microprogramming software used in wireless access points for industrial systems of the Moxa AWK-3131A, AWK-4131A, AWK-1131A, and AWK-1137C models, is related to the unencrypted storage of critical information. This vulnerability allows attackers to circumvent security restrictions and gain unauthorized access to protected information.

🗓️ 02 Nov 2022 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType

bdu_fstec

bdu_fstec🔗 bdu.fstec.ru👁 3 Views

The microprogramming software of certain Moxa industrial modems and wireless access points stores unencrypted critical data, enabling security bypass.

Reporter	Title	Published	Views	Family All 1
CVE	CVE-2021-37755	2 Nov 202200:00	–	cve

Vulners

Node

moxa moxa_oncell_g3470a-lteRange≤1.7

OR

moxa wdr-3124a_seriesRange≤1.3

OR

moxa tap-323_seriesRange≤1.3

OR

moxa moxa_oncell_g3150a-lteRange≤1.5

OR

moxa moxa_awk-3131aRange≤1.16

OR

moxa moxa_awk-4131aRange≤1.16

OR

moxa moxa_awk-1131aRange≤1.22

OR

moxa moxa_awk-1137cRange≤1.6

OR

moxa moxa_tap-213Range≤1.2

Source	Link
moxa	www.moxa.com/en/support/product-support/security-advisory/oncell-g3150a-g3470-wdr-3124a-cellular-gateways-router-vulnerabilities
moxa	www.moxa.com/en/support/product-support/security-advisory/awk-3131a-4131a-1131a-1137c-wireless-ap-bridge-client-vulnerabilities
moxa	www.moxa.ru/novosti/tidings/prod/ustranenie-uyazvimostej-ustrojstv-tap-213-tap-323/
web	www.web.nvd.nist.gov/view/vuln/detail

02 Nov 2022 00:00Current

5.5Medium risk

Vulners AI Score5.5

CVSS 37.3

CVSS 27.5

Moxa industrial modems Moxa access points unencrypted data storage security bypass unauthorized access