MOXA has issued a high-severity advisory for a critical authentication bypass vulnerability in a range of Ethernet switches, tracked as CVE-2024-12297 with a CVSS score of 9.2. The flaw lies in the frontend authorization logic and could allow an attacker to bypass authentication and seize control of the switch, potentially exposing the industrial traffic passing through the device. The vulnerability may enable brute-force attacks to guess valid credentials or MD5 collision attacks to forge authentication hashes.
Affected models include the TN-A Series (Firmware v4.1 and earlier), TN-4500A Series, TN-5500A Series, TN-G Series (Firmware v5.5 and earlier), TN-G4500 Series and TN-G6500 Series, with patches available as v3.13.255 for TN-A, TN-4500A and TN-5500A, and v5.5.255 for the TN-G series.
Organisations unable to update immediately are advised to adopt a defence-in-depth approach: restricting network access, keeping the switches off the internet, and securing remote access with VPNs or SSH, while administrators prioritise this update.
5 February 2026.