MOMA Seismic Station devices suffer from a critical authentication bypass vulnerability that grants unauthenticated attackers full control over device configurations and sensitive data.

The web management interface of the MOMA Seismic Station lacks any authentication requirements. This allows an unauthenticated, remote attacker to access the administrative dashboard directly.

The exposure of critical infrastructure management interfaces leads to significant operational risks. Attackers can modify seismic monitoring parameters, exfiltrate proprietary device data, or perform a factory reset, resulting in total loss of monitoring capabilities and data integrity. The CVSS score of 9.1 reflects the high impact on availability and confidentiality for industrial monitoring environments.

Immediate Action: Update the device firmware to the latest version provided by the vendor and ensure the web interface is placed behind a secure VPN or firewall.

Proactive Monitoring: Monitor network traffic for unauthorized access to the management IP address and review device logs for unexpected configuration changes or reset commands.

Compensating Controls: Restrict access to the management interface using Access Control Lists (ACLs) to ensure only authorized administrative workstations can communicate with the device.

Public Exploit Available: false

Organizations using MOMA Seismic Stations must immediately isolate these devices from the public internet. The primary remediation is to apply the latest firmware patches and enforce strict network-level authentication. Immediate action is required to prevent unauthorized physical or logical disruption of seismic data collection.