Vulnerabilities > CVE-2020-14511 - Out-of-bounds Write vulnerability in Moxa products

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

moxa

CWE-787

NVD

Published: 2020-07-15

Updated: 2021-09-23

Summary

Malicious operation of the crafted web browser cookie may cause a stack-based buffer overflow in the system web server on the EDR-G902 and EDR-G903 Series Routers (versions prior to 5.4).

Vulnerable Configurations

Part	Description	Count
OS	Moxa Moxa EDR G902 T Firmware - Moxa EDR G902 T Firmware 5.4 Moxa EDR G902 Firmware - Moxa EDR G902 Firmware 5.4 Moxa EDR G903 T Firmware - Moxa EDR G903 T Firmware 5.4 Moxa EDR G903 Firmware - Moxa EDR G903 Firmware 5.4	8
Hardware	Moxa Moxa EDR G902 T - Moxa EDR G902 - Moxa EDR G903 T - Moxa EDR G903 -	4

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://us-cert.cisa.gov/ics/advisories/icsa-20-196-02