Cyber Resilience

CVE-2022-40224

HighPublic PoC

Published: 07 February 2023

Published
07 February 2023
Modified
21 November 2024
KEV Added
Patch
CVSS Score v3.1 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score 0.0372 88.2th percentile
Risk Priority 17 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2022-40224 is a high-severity Insufficient Resource Pool (CWE-410) vulnerability in Moxa Sds-3008 Firmware. Its CVSS base score is 7.5 (High).

Operationally, ranked in the top 11.8% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

Deeper analysis

A denial of service vulnerability exists in the web server functionality of the Moxa SDS-3008 Series Industrial Ethernet Switch version 2.1. The flaw, tracked as CVE-2022-40224, is triggered by a specially crafted HTTP message header and is assigned a CVSS v3.1 score of 7.5 with the vector string AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H. It is associated with CWE-410.

An unauthenticated attacker with network access can send a malicious HTTP request to the device's web interface, causing the service to become unavailable and resulting in denial of service. No user interaction or credentials are required for exploitation.

Moxa has published a security advisory detailing the issue alongside related web vulnerabilities in the SDS-3008 series and provides remediation guidance at the referenced support page; Talos Intelligence has also released a detailed vulnerability report with technical analysis.

The EPSS score for this CVE rose from a low baseline to a peak of 0.1194 on 2026-02-08 before receding to the current value of 0.0372, indicating a period of increased exploitation interest after disclosure.

EU & UK References

Vulnerability details

A denial of service vulnerability exists in the web server functionality of Moxa SDS-3008 Series Industrial Ethernet Switch 2.1. A specially-crafted HTTP message header can lead to denial of service. An attacker can send an HTTP request to trigger this…

more

vulnerability.

CWE(s)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

moxa
sds-3008 firmware
≤ 2.1
moxa
sds-3008-t firmware
≤ 2.1

Mitigating Controls

Likely Mitigating Controls AI

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

addresses: CWE-410

Ensures a managed resource pool is maintained rather than allowing exhaustion by any single consumer.

References