Vulnerabilities > CVE-2023-4227 - Incorrect Authorization vulnerability in Moxa Iologik E4200 Firmware 1.6

CVSS 6.5 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

LOW

Integrity impact

LOW

Availability impact

NONE

network

low complexity

moxa

CWE-863

NVD

Published: 2023-08-24

Updated: 2023-08-29

Summary

A vulnerability has been identified in the ioLogik 4000 Series (ioLogik E4200) firmware versions v1.6 and prior, which can be exploited by malicious actors to potentially gain unauthorized access to the product. This could lead to security breaches, data theft, and unauthorized manipulation of sensitive information. The vulnerability is attributed to the presence of an unauthorized service, which could potentially enable unauthorized access to the. device.

Vulnerable Configurations

Part	Description	Count
OS	Moxa Moxa Iologik E4200 Firmware - Moxa Iologik E4200 Firmware 1.6	2
Hardware	Moxa Moxa Iologik E4200 -	1

Common Weakness Enumeration (CWE)

CWE-863 - Incorrect Authorization

References

https://www.moxa.com/en/support/product-support/security-advisory/mpsa-230310-iologik-4000-series-multiple-web-server-vulnerabilities-and-improper-access-control-vulnerability