CVE-2024-6787: MXview One Series vulnerable to Time-of-check Time-of-use (TOCTOU) Race Condition
First published: Sat Sep 21 2024(Updated: )
This vulnerability occurs when an attacker exploits a race condition between the time a file is checked and the time it is used (TOCTOU). By exploiting this race condition, an attacker can write arbitrary files to the system. This could allow the attacker to execute malicious code and potentially cause file losses.
Credit: psirt@moxa.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Moxa Mxview One | <1.4.1 |
Remedy
Moxa has developed appropriate solutions to address vulnerability. The solutions for affected products are listed below. * MXview One Series: Upgrade to the 1.4.1 version
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- agent/weakness
- agent/title
- agent/first-publish-date
- agent/description
- agent/type
- agent/author
- agent/event
- agent/references
- collector/mitre-cve
- source/MITRE
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/severity
- agent/last-modified-date
- agent/remedy
- agent/softwarecombine
- agent/tags
- vendor/moxa
- canonical/moxa mxview one