Multiple Moxa products are affected by the CVE-2024-6387 OpenSSH vulnerability. CVE-2024-6387 is a remote unauthenticated code execution vulnerability in OpenSSH, specifically related to a race condition in the OpenSSH server (sshd). The issue arises when a client fails to authenticate within the LoginGraceTime period (default is 120 seconds, or 600 seconds in older OpenSSH versions). In this case, the sshd’s SIGALRM signal handler is invoked asynchronously. However, this signal handler calls several functions that are unsafe to use in asynchronous signal contexts, such as syslog().
The identified vulnerability types and potential impacts are listed below:
Item |
Vulnerability Type |
Impact |
1 |
Signal Handler Race Condition (CWE-364)
CVE-2024-6387
|
This vulnerability allows attackers to execute arbitrary code with root privileges on vulnerable systems without authentication. |
Vulnerability Scoring Details
ID
|
CVSS
|
Vector
|
Unauthenticated Remote Exploit
|
CVE-2024-6387 |
8.8
|
AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
|
Yes |