Vulnerabilities > CVE-2019-6520 - Unspecified vulnerability in Moxa products

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

low complexity

moxa

NVD

Published: 2019-03-05

Updated: 2020-10-19

Summary

Moxa IKS and EDS does not properly check authority on server side, which results in a read-only user being able to perform arbitrary configuration changes.

Vulnerable Configurations

Part	Description	Count
OS	Moxa Moxa IKS G6824A Firmware * Moxa EDS 405A Firmware * Moxa EDS 408A Firmware * Moxa EDS 510A Firmware *	4
Hardware	Moxa Moxa IKS G6824A - Moxa EDS 405A - Moxa EDS 408A - Moxa EDS 510A -	4

References

http://www.securityfocus.com/bid/107178
https://ics-cert.us-cert.gov/advisories/ICSA-19-057-01