Vulnerabilites related to Moxa - PT-7828 Series
var-202003-1610
Vulnerability from variot
In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 series firmware, Version 3.9 or lower, the affected products use a weak cryptographic algorithm, which may allow confidential information to be disclosed. Moxa PT-7528 and PT-7828 Series are both Ethernet switches manufactured by Moxa. Attackers can use this vulnerability to obtain sensitive information
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202003-1610",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "pt-7528-8mst-16tx-4gsfp-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-16mst-8tx-4gsfp-wv-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-8mst-16tx-4gsfp-hv-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7828-f-48-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7528-24tx-wv-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-8mst-16tx-4gsfp-wv-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7828-f-24",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7528-24tx-wv-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-12mst-12tx-4gsfp-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-12mst-12tx-4gsfp-hv-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-12mst-12tx-4gsfp-wv-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7828-f-24-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7528-8msc-16tx-4gsfp-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-16mst-8tx-4gsfp-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-12msc-12tx-4gsfp-wv-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7828-r-24",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7528-8msc-16tx-4gsfp-wv-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-24tx-hv-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-12msc-12tx-4gsfp-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-16mst-8tx-4gsfp-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-24tx-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-20mst-4tx-4gsfp-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7828-r-hv-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7528-20mst-4tx-4gsfp-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7828-f-48-48",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7828-f-24-24",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7528-20mst-4tx-4gsfp-hv-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-8msc-16tx-4gsfp-hv-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-16mst-8tx-4gsfp-hv-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-20msc-4tx-4gsfp-wv-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-12mst-12tx-4gsfp-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7828-f-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7528-8mst-16tx-4gsfp-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7828-r-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7528-8ssc-16tx-4gsfp-hv-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7828-f-hv-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7528-16msc-8tx-4gsfp-wv-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-8msc-16tx-4gsfp-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7828-r-24-24",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7828-r-48-48",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7528-16msc-8tx-4gsfp-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-20msc-4tx-4gsfp-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-20msc-4tx-4gsfp-hv-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-16msc-8tx-4gsfp-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-20mst-4tx-4gsfp-wv-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-16msc-8tx-4gsfp-hv-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7828-f-48",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7828-r-48-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7828-r-48",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7528-12msc-12tx-4gsfp-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-12msc-12tx-4gsfp-hv-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-24tx-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-8ssc-16tx-4gsfp-wv-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-20msc-4tx-4gsfp-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7828-r-24-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7528-24tx-hv",
"scope": "eq",
"trust": 0.8,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-24tx-hv-hv",
"scope": "eq",
"trust": 0.8,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-24tx-wv",
"scope": "eq",
"trust": 0.8,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-24tx-wv-hv",
"scope": "eq",
"trust": 0.8,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-24tx-wv-wv",
"scope": "eq",
"trust": 0.8,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7828 f-24",
"scope": "eq",
"trust": 0.8,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7828 f-24-24",
"scope": "eq",
"trust": 0.8,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7828 f-24-hv",
"scope": "eq",
"trust": 0.8,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7828 f-48",
"scope": "eq",
"trust": 0.8,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7828 f-48-48",
"scope": "eq",
"trust": 0.8,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7828 series",
"scope": "lte",
"trust": 0.6,
"vendor": "moxa",
"version": "\u003c=3.9"
},
{
"model": "pt-7528 series",
"scope": "lte",
"trust": 0.6,
"vendor": "moxa",
"version": "\u003c=4.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 24tx hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 12mst 12tx 4gsfp hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 12mst 12tx 4gsfp hv hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 12mst 12tx 4gsfp wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 12mst 12tx 4gsfp wv wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 16msc 8tx 4gsfp hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 16msc 8tx 4gsfp hv hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 16msc 8tx 4gsfp wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 16msc 8tx 4gsfp wv wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 16mst 8tx 4gsfp hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 16mst 8tx 4gsfp hv hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 24tx hv hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 16mst 8tx 4gsfp wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 16mst 8tx 4gsfp wv wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 20msc 4tx 4gsfp hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 20msc 4tx 4gsfp hv hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 20msc 4tx 4gsfp wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 20msc 4tx 4gsfp wv wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 20mst 4tx 4gsfp hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 20mst 4tx 4gsfp hv hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 20mst 4tx 4gsfp wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 20mst 4tx 4gsfp wv wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 24tx wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 8msc 16tx 4gsfp hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 8msc 16tx 4gsfp hv hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 8msc 16tx 4gsfp wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 8msc 16tx 4gsfp wv wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 8mst 16tx 4gsfp hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 8mst 16tx 4gsfp hv hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 8mst 16tx 4gsfp wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 8mst 16tx 4gsfp wv wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 8ssc 16tx 4gsfp hv hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 8ssc 16tx 4gsfp wv wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 24tx wv hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7828 f 24",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7828 f 24 24",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7828 f 24 hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7828 f 48",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7828 f 48 48",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7828 f 48 hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7828 f hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7828 f hv hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7828 r 24",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7828 r 24 24",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 24tx wv wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7828 r 24 hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7828 r 48",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7828 r 48 48",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7828 r 48 hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7828 r hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7828 r hv hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 12msc 12tx 4gsfp hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 12msc 12tx 4gsfp hv hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 12msc 12tx 4gsfp wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 12msc 12tx 4gsfp wv wv",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "9566e086-c3ef-4608-93be-35191c9dc622"
},
{
"db": "CNVD",
"id": "CNVD-2020-13511"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003323"
},
{
"db": "NVD",
"id": "CVE-2020-6987"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:moxa:pt-7528-24tx-hv_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:moxa:pt-7528-24tx-hv-hv_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:moxa:pt-7528-24tx-wv_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:moxa:pt-7528-24tx-wv-hv_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:moxa:pt-7528-24tx-wv-wv_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:moxa:pt-7828-f-24_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:moxa:pt-7828-f-24-24_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:moxa:pt-7828-f-24-hv_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:moxa:pt-7828-f-48_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:moxa:pt-7828-f-48-48_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-003323"
}
]
},
"cve": "CVE-2020-6987",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2020-6987",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.1,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2020-003323",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2020-13511",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "9566e086-c3ef-4608-93be-35191c9dc622",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
"version": "2.9 [IVD]"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2020-6987",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2020-003323",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2020-6987",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "JVNDB-2020-003323",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2020-13511",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202002-1190",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "9566e086-c3ef-4608-93be-35191c9dc622",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2020-6987",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "9566e086-c3ef-4608-93be-35191c9dc622"
},
{
"db": "CNVD",
"id": "CNVD-2020-13511"
},
{
"db": "VULMON",
"id": "CVE-2020-6987"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003323"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-1190"
},
{
"db": "NVD",
"id": "CVE-2020-6987"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 series firmware, Version 3.9 or lower, the affected products use a weak cryptographic algorithm, which may allow confidential information to be disclosed. Moxa PT-7528 and PT-7828 Series are both Ethernet switches manufactured by Moxa. Attackers can use this vulnerability to obtain sensitive information",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-6987"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003323"
},
{
"db": "CNVD",
"id": "CNVD-2020-13511"
},
{
"db": "IVD",
"id": "9566e086-c3ef-4608-93be-35191c9dc622"
},
{
"db": "VULMON",
"id": "CVE-2020-6987"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-6987",
"trust": 3.3
},
{
"db": "ICS CERT",
"id": "ICSA-20-056-03",
"trust": 3.1
},
{
"db": "CNVD",
"id": "CNVD-2020-13511",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202002-1190",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003323",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2020.0725",
"trust": 0.6
},
{
"db": "IVD",
"id": "9566E086-C3EF-4608-93BE-35191C9DC622",
"trust": 0.2
},
{
"db": "VULMON",
"id": "CVE-2020-6987",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "9566e086-c3ef-4608-93be-35191c9dc622"
},
{
"db": "CNVD",
"id": "CNVD-2020-13511"
},
{
"db": "VULMON",
"id": "CVE-2020-6987"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003323"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-1190"
},
{
"db": "NVD",
"id": "CVE-2020-6987"
}
]
},
"id": "VAR-202003-1610",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "9566e086-c3ef-4608-93be-35191c9dc622"
},
{
"db": "CNVD",
"id": "CNVD-2020-13511"
}
],
"trust": 1.5375
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS",
"Network device"
],
"sub_category": null,
"trust": 0.6
},
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "9566e086-c3ef-4608-93be-35191c9dc622"
},
{
"db": "CNVD",
"id": "CNVD-2020-13511"
}
]
},
"last_update_date": "2024-11-23T21:36:01.495000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.moxa.com/en/"
},
{
"title": "Patch for Moxa PT-7528 and PT-7828 Series Weak Password Algorithm Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/204851"
},
{
"title": "Moxa PT-7528 and PT-7828 Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=110384"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-13511"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003323"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-1190"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-327",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-003323"
},
{
"db": "NVD",
"id": "CVE-2020-6987"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.1,
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-056-03"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-6987"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-6987"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.0725/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/327.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-13511"
},
{
"db": "VULMON",
"id": "CVE-2020-6987"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003323"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-1190"
},
{
"db": "NVD",
"id": "CVE-2020-6987"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "9566e086-c3ef-4608-93be-35191c9dc622"
},
{
"db": "CNVD",
"id": "CNVD-2020-13511"
},
{
"db": "VULMON",
"id": "CVE-2020-6987"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003323"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-1190"
},
{
"db": "NVD",
"id": "CVE-2020-6987"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-02-25T00:00:00",
"db": "IVD",
"id": "9566e086-c3ef-4608-93be-35191c9dc622"
},
{
"date": "2020-02-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-13511"
},
{
"date": "2020-03-24T00:00:00",
"db": "VULMON",
"id": "CVE-2020-6987"
},
{
"date": "2020-04-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-003323"
},
{
"date": "2020-02-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202002-1190"
},
{
"date": "2020-03-24T19:15:21.337000",
"db": "NVD",
"id": "CVE-2020-6987"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-02-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-13511"
},
{
"date": "2020-03-26T00:00:00",
"db": "VULMON",
"id": "CVE-2020-6987"
},
{
"date": "2020-04-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-003323"
},
{
"date": "2020-04-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202002-1190"
},
{
"date": "2024-11-21T05:36:26.417000",
"db": "NVD",
"id": "CVE-2020-6987"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202002-1190"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Moxa PT-7528 and PT-7828 Vulnerability in using cryptographic algorithms in series firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-003323"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "encryption problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202002-1190"
}
],
"trust": 0.6
}
}
var-202003-1608
Vulnerability from variot
In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 series firmware, Version 3.9 or lower, these devices use a hard-coded service code for access to the console. (DoS) It may be put into a state. Moxa PT-7528 and PT-7828 Series are both Ethernet switches manufactured by Moxa
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202003-1608",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "pt-7528-8mst-16tx-4gsfp-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-16mst-8tx-4gsfp-wv-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-8mst-16tx-4gsfp-hv-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7828-f-48-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7528-24tx-wv-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-8mst-16tx-4gsfp-wv-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7828-f-24",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7528-24tx-wv-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-12mst-12tx-4gsfp-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-12mst-12tx-4gsfp-hv-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-12mst-12tx-4gsfp-wv-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7828-f-24-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7528-8msc-16tx-4gsfp-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-16mst-8tx-4gsfp-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-12msc-12tx-4gsfp-wv-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7828-r-24",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7528-8msc-16tx-4gsfp-wv-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-24tx-hv-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-12msc-12tx-4gsfp-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-16mst-8tx-4gsfp-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-24tx-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-20mst-4tx-4gsfp-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7828-r-hv-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7528-20mst-4tx-4gsfp-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7828-f-48-48",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7828-f-24-24",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7528-20mst-4tx-4gsfp-hv-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-8msc-16tx-4gsfp-hv-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-16mst-8tx-4gsfp-hv-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-20msc-4tx-4gsfp-wv-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-12mst-12tx-4gsfp-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7828-f-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7528-8mst-16tx-4gsfp-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7828-r-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7528-8ssc-16tx-4gsfp-hv-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7828-f-hv-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7528-16msc-8tx-4gsfp-wv-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-8msc-16tx-4gsfp-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7828-r-24-24",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7828-r-48-48",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7528-16msc-8tx-4gsfp-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-20msc-4tx-4gsfp-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-20msc-4tx-4gsfp-hv-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-16msc-8tx-4gsfp-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-20mst-4tx-4gsfp-wv-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-16msc-8tx-4gsfp-hv-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7828-f-48",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7828-r-48-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7828-r-48",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7528-12msc-12tx-4gsfp-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-12msc-12tx-4gsfp-hv-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-24tx-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-8ssc-16tx-4gsfp-wv-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-20msc-4tx-4gsfp-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7828-r-24-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7528-12msc-12tx-4gsfp-hv",
"scope": "eq",
"trust": 0.8,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-12msc-12tx-4gsfp-hv-hv",
"scope": "eq",
"trust": 0.8,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-12msc-12tx-4gsfp-wv",
"scope": "eq",
"trust": 0.8,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-12msc-12tx-4gsfp-wv-wv",
"scope": "eq",
"trust": 0.8,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-12mst-12tx-4gsfp-hv",
"scope": "eq",
"trust": 0.8,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-24tx-hv",
"scope": "eq",
"trust": 0.8,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-24tx-hv-hv",
"scope": "eq",
"trust": 0.8,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-24tx-wv",
"scope": "eq",
"trust": 0.8,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-24tx-wv-hv",
"scope": "eq",
"trust": 0.8,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-24tx-wv-wv",
"scope": "eq",
"trust": 0.8,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7828 series",
"scope": "lte",
"trust": 0.6,
"vendor": "moxa",
"version": "\u003c=3.9"
},
{
"model": "pt-7528 series",
"scope": "lte",
"trust": 0.6,
"vendor": "moxa",
"version": "\u003c=4.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 24tx hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 12mst 12tx 4gsfp hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 12mst 12tx 4gsfp hv hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 12mst 12tx 4gsfp wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 12mst 12tx 4gsfp wv wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 16msc 8tx 4gsfp hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 16msc 8tx 4gsfp hv hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 16msc 8tx 4gsfp wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 16msc 8tx 4gsfp wv wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 16mst 8tx 4gsfp hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 16mst 8tx 4gsfp hv hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 24tx hv hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 16mst 8tx 4gsfp wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 16mst 8tx 4gsfp wv wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 20msc 4tx 4gsfp hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 20msc 4tx 4gsfp hv hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 20msc 4tx 4gsfp wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 20msc 4tx 4gsfp wv wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 20mst 4tx 4gsfp hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 20mst 4tx 4gsfp hv hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 20mst 4tx 4gsfp wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 20mst 4tx 4gsfp wv wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 24tx wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 8msc 16tx 4gsfp hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 8msc 16tx 4gsfp hv hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 8msc 16tx 4gsfp wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 8msc 16tx 4gsfp wv wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 8mst 16tx 4gsfp hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 8mst 16tx 4gsfp hv hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 8mst 16tx 4gsfp wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 8mst 16tx 4gsfp wv wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 8ssc 16tx 4gsfp hv hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 8ssc 16tx 4gsfp wv wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 24tx wv hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7828 f 24",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7828 f 24 24",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7828 f 24 hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7828 f 48",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7828 f 48 48",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7828 f 48 hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7828 f hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7828 f hv hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7828 r 24",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7828 r 24 24",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 24tx wv wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7828 r 24 hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7828 r 48",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7828 r 48 48",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7828 r 48 hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7828 r hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7828 r hv hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 12msc 12tx 4gsfp hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 12msc 12tx 4gsfp hv hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 12msc 12tx 4gsfp wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 12msc 12tx 4gsfp wv wv",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "c2284339-03a2-4473-87f3-c396444ea32f"
},
{
"db": "CNVD",
"id": "CNVD-2020-13513"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003383"
},
{
"db": "NVD",
"id": "CVE-2020-6985"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:moxa:pt-7528-12msc-12tx-4gsfp-hv_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:moxa:pt-7528-12msc-12tx-4gsfp-hv-hv_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:moxa:pt-7528-12msc-12tx-4gsfp-wv_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:moxa:pt-7528-12msc-12tx-4gsfp-wv-wv_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:moxa:pt-7528-12mst-12tx-4gsfp-hv_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:moxa:pt-7528-24tx-hv_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:moxa:pt-7528-24tx-hv-hv_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:moxa:pt-7528-24tx-wv_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:moxa:pt-7528-24tx-wv-hv_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:moxa:pt-7528-24tx-wv-wv_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-003383"
}
]
},
"cve": "CVE-2020-6985",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2020-6985",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.1,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "JVNDB-2020-003383",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2020-13513",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "c2284339-03a2-4473-87f3-c396444ea32f",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2020-6985",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2020-003383",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2020-6985",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "JVNDB-2020-003383",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2020-13513",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202002-1171",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "c2284339-03a2-4473-87f3-c396444ea32f",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2020-6985",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "c2284339-03a2-4473-87f3-c396444ea32f"
},
{
"db": "CNVD",
"id": "CNVD-2020-13513"
},
{
"db": "VULMON",
"id": "CVE-2020-6985"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003383"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-1171"
},
{
"db": "NVD",
"id": "CVE-2020-6985"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 series firmware, Version 3.9 or lower, these devices use a hard-coded service code for access to the console. (DoS) It may be put into a state. Moxa PT-7528 and PT-7828 Series are both Ethernet switches manufactured by Moxa",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-6985"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003383"
},
{
"db": "CNVD",
"id": "CNVD-2020-13513"
},
{
"db": "IVD",
"id": "c2284339-03a2-4473-87f3-c396444ea32f"
},
{
"db": "VULMON",
"id": "CVE-2020-6985"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-6985",
"trust": 3.3
},
{
"db": "ICS CERT",
"id": "ICSA-20-056-03",
"trust": 3.1
},
{
"db": "CNVD",
"id": "CNVD-2020-13513",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202002-1171",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003383",
"trust": 0.8
},
{
"db": "NSFOCUS",
"id": "47434",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.0725",
"trust": 0.6
},
{
"db": "IVD",
"id": "C2284339-03A2-4473-87F3-C396444EA32F",
"trust": 0.2
},
{
"db": "VULMON",
"id": "CVE-2020-6985",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "c2284339-03a2-4473-87f3-c396444ea32f"
},
{
"db": "CNVD",
"id": "CNVD-2020-13513"
},
{
"db": "VULMON",
"id": "CVE-2020-6985"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003383"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-1171"
},
{
"db": "NVD",
"id": "CVE-2020-6985"
}
]
},
"id": "VAR-202003-1608",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "c2284339-03a2-4473-87f3-c396444ea32f"
},
{
"db": "CNVD",
"id": "CNVD-2020-13513"
}
],
"trust": 1.5375
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS",
"Network device"
],
"sub_category": null,
"trust": 0.6
},
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "c2284339-03a2-4473-87f3-c396444ea32f"
},
{
"db": "CNVD",
"id": "CNVD-2020-13513"
}
]
},
"last_update_date": "2024-11-23T21:36:01.388000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.moxa.com/en/"
},
{
"title": "Patch for Moxa PT-7528 and PT-7828 Series Hard Credential Vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/204855"
},
{
"title": "Moxa PT-7528 and PT-7828 Repair measures for trust management problem vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=110369"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-13513"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003383"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-1171"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-798",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-003383"
},
{
"db": "NVD",
"id": "CVE-2020-6985"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.1,
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-056-03"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-6985"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-6985"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/47434"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.0725/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/798.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-13513"
},
{
"db": "VULMON",
"id": "CVE-2020-6985"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003383"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-1171"
},
{
"db": "NVD",
"id": "CVE-2020-6985"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "c2284339-03a2-4473-87f3-c396444ea32f"
},
{
"db": "CNVD",
"id": "CNVD-2020-13513"
},
{
"db": "VULMON",
"id": "CVE-2020-6985"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003383"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-1171"
},
{
"db": "NVD",
"id": "CVE-2020-6985"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-02-25T00:00:00",
"db": "IVD",
"id": "c2284339-03a2-4473-87f3-c396444ea32f"
},
{
"date": "2020-02-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-13513"
},
{
"date": "2020-03-24T00:00:00",
"db": "VULMON",
"id": "CVE-2020-6985"
},
{
"date": "2020-04-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-003383"
},
{
"date": "2020-02-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202002-1171"
},
{
"date": "2020-03-24T20:15:14.943000",
"db": "NVD",
"id": "CVE-2020-6985"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-03-02T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-13513"
},
{
"date": "2020-03-26T00:00:00",
"db": "VULMON",
"id": "CVE-2020-6985"
},
{
"date": "2020-04-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-003383"
},
{
"date": "2020-08-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202002-1171"
},
{
"date": "2024-11-21T05:36:26.153000",
"db": "NVD",
"id": "CVE-2020-6985"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202002-1171"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Moxa PT-7528 and PT-7828 Vulnerability in using hard-coded credentials in series firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-003383"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "trust management problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202002-1171"
}
],
"trust": 0.6
}
}
var-202003-1666
Vulnerability from variot
In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 series firmware, Version 3.9 or lower, the application utilizes weak password requirements, which may allow an attacker to gain unauthorized access. Moxa PT-7528 and PT-7828 The series firmware contains a vulnerability related to the request for a weak password.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Moxa PT-7528 and PT-7828 Series are both Ethernet switches manufactured by Moxa
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202003-1666",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "pt-7528-8mst-16tx-4gsfp-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-16mst-8tx-4gsfp-wv-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-8mst-16tx-4gsfp-hv-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7828-f-48-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7528-24tx-wv-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-8mst-16tx-4gsfp-wv-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7828-f-24",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7528-24tx-wv-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-12mst-12tx-4gsfp-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-12mst-12tx-4gsfp-hv-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-12mst-12tx-4gsfp-wv-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7828-f-24-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7528-8msc-16tx-4gsfp-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-16mst-8tx-4gsfp-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-12msc-12tx-4gsfp-wv-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7828-r-24",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7528-8msc-16tx-4gsfp-wv-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-24tx-hv-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-12msc-12tx-4gsfp-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-16mst-8tx-4gsfp-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-24tx-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-20mst-4tx-4gsfp-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7828-r-hv-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7528-20mst-4tx-4gsfp-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7828-f-48-48",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7828-f-24-24",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7528-20mst-4tx-4gsfp-hv-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-8msc-16tx-4gsfp-hv-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-16mst-8tx-4gsfp-hv-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-20msc-4tx-4gsfp-wv-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-12mst-12tx-4gsfp-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7828-f-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7528-8mst-16tx-4gsfp-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7828-r-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7528-8ssc-16tx-4gsfp-hv-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7828-f-hv-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7528-16msc-8tx-4gsfp-wv-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-8msc-16tx-4gsfp-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7828-r-24-24",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7828-r-48-48",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7528-16msc-8tx-4gsfp-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-20msc-4tx-4gsfp-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-20msc-4tx-4gsfp-hv-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-16msc-8tx-4gsfp-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-20mst-4tx-4gsfp-wv-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-16msc-8tx-4gsfp-hv-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7828-f-48",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7828-r-48-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7828-r-48",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7528-12msc-12tx-4gsfp-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-12msc-12tx-4gsfp-hv-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-24tx-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-8ssc-16tx-4gsfp-wv-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-20msc-4tx-4gsfp-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7828-r-24-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7528-12msc-12tx-4gsfp-hv",
"scope": "eq",
"trust": 0.8,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-12msc-12tx-4gsfp-hv-hv",
"scope": "eq",
"trust": 0.8,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-12msc-12tx-4gsfp-wv",
"scope": "eq",
"trust": 0.8,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-12msc-12tx-4gsfp-wv-wv",
"scope": "eq",
"trust": 0.8,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-12mst-12tx-4gsfp-hv",
"scope": "eq",
"trust": 0.8,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-24tx-hv",
"scope": "eq",
"trust": 0.8,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-24tx-hv-hv",
"scope": "eq",
"trust": 0.8,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-24tx-wv",
"scope": "eq",
"trust": 0.8,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-24tx-wv-hv",
"scope": "eq",
"trust": 0.8,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-24tx-wv-wv",
"scope": "eq",
"trust": 0.8,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7828 series",
"scope": "lte",
"trust": 0.6,
"vendor": "moxa",
"version": "\u003c=3.9"
},
{
"model": "pt-7528 series",
"scope": "lte",
"trust": 0.6,
"vendor": "moxa",
"version": "\u003c=4.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 24tx hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 12mst 12tx 4gsfp hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 12mst 12tx 4gsfp hv hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 12mst 12tx 4gsfp wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 12mst 12tx 4gsfp wv wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 16msc 8tx 4gsfp hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 16msc 8tx 4gsfp hv hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 16msc 8tx 4gsfp wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 16msc 8tx 4gsfp wv wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 16mst 8tx 4gsfp hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 16mst 8tx 4gsfp hv hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 24tx hv hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 16mst 8tx 4gsfp wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 16mst 8tx 4gsfp wv wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 20msc 4tx 4gsfp hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 20msc 4tx 4gsfp hv hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 20msc 4tx 4gsfp wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 20msc 4tx 4gsfp wv wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 20mst 4tx 4gsfp hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 20mst 4tx 4gsfp hv hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 20mst 4tx 4gsfp wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 20mst 4tx 4gsfp wv wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 24tx wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 8msc 16tx 4gsfp hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 8msc 16tx 4gsfp hv hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 8msc 16tx 4gsfp wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 8msc 16tx 4gsfp wv wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 8mst 16tx 4gsfp hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 8mst 16tx 4gsfp hv hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 8mst 16tx 4gsfp wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 8mst 16tx 4gsfp wv wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 8ssc 16tx 4gsfp hv hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 8ssc 16tx 4gsfp wv wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 24tx wv hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7828 f 24",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7828 f 24 24",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7828 f 24 hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7828 f 48",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7828 f 48 48",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7828 f 48 hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7828 f hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7828 f hv hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7828 r 24",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7828 r 24 24",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 24tx wv wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7828 r 24 hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7828 r 48",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7828 r 48 48",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7828 r 48 hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7828 r hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7828 r hv hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 12msc 12tx 4gsfp hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 12msc 12tx 4gsfp hv hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 12msc 12tx 4gsfp wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 12msc 12tx 4gsfp wv wv",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "0c731115-513e-49b7-8112-8834cb2de285"
},
{
"db": "CNVD",
"id": "CNVD-2020-13514"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003385"
},
{
"db": "NVD",
"id": "CVE-2020-6995"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:moxa:pt-7528-12msc-12tx-4gsfp-hv_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:moxa:pt-7528-12msc-12tx-4gsfp-hv-hv_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:moxa:pt-7528-12msc-12tx-4gsfp-wv_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:moxa:pt-7528-12msc-12tx-4gsfp-wv-wv_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:moxa:pt-7528-12mst-12tx-4gsfp-hv_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:moxa:pt-7528-24tx-hv_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:moxa:pt-7528-24tx-hv-hv_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:moxa:pt-7528-24tx-wv_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:moxa:pt-7528-24tx-wv-hv_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:moxa:pt-7528-24tx-wv-wv_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-003385"
}
]
},
"cve": "CVE-2020-6995",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2020-6995",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2020-003385",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2020-13514",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "0c731115-513e-49b7-8112-8834cb2de285",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2020-6995",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2020-003385",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2020-6995",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "JVNDB-2020-003385",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2020-13514",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202002-1167",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "0c731115-513e-49b7-8112-8834cb2de285",
"trust": 0.2,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "0c731115-513e-49b7-8112-8834cb2de285"
},
{
"db": "CNVD",
"id": "CNVD-2020-13514"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003385"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-1167"
},
{
"db": "NVD",
"id": "CVE-2020-6995"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 series firmware, Version 3.9 or lower, the application utilizes weak password requirements, which may allow an attacker to gain unauthorized access. Moxa PT-7528 and PT-7828 The series firmware contains a vulnerability related to the request for a weak password.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Moxa PT-7528 and PT-7828 Series are both Ethernet switches manufactured by Moxa",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-6995"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003385"
},
{
"db": "CNVD",
"id": "CNVD-2020-13514"
},
{
"db": "IVD",
"id": "0c731115-513e-49b7-8112-8834cb2de285"
}
],
"trust": 2.34
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-6995",
"trust": 3.2
},
{
"db": "ICS CERT",
"id": "ICSA-20-056-03",
"trust": 3.0
},
{
"db": "CNVD",
"id": "CNVD-2020-13514",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202002-1167",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003385",
"trust": 0.8
},
{
"db": "NSFOCUS",
"id": "47427",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.0725",
"trust": 0.6
},
{
"db": "IVD",
"id": "0C731115-513E-49B7-8112-8834CB2DE285",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "0c731115-513e-49b7-8112-8834cb2de285"
},
{
"db": "CNVD",
"id": "CNVD-2020-13514"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003385"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-1167"
},
{
"db": "NVD",
"id": "CVE-2020-6995"
}
]
},
"id": "VAR-202003-1666",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "0c731115-513e-49b7-8112-8834cb2de285"
},
{
"db": "CNVD",
"id": "CNVD-2020-13514"
}
],
"trust": 1.5375
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS",
"Network device"
],
"sub_category": null,
"trust": 0.6
},
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "0c731115-513e-49b7-8112-8834cb2de285"
},
{
"db": "CNVD",
"id": "CNVD-2020-13514"
}
]
},
"last_update_date": "2024-11-23T21:36:01.690000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.moxa.com/en/"
},
{
"title": "Patch for Moxa PT-7528 and PT-7828 Series Weak Password Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/204857"
},
{
"title": "Moxa PT-7528 and PT-7828 Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=110366"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-13514"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003385"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-1167"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-521",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-003385"
},
{
"db": "NVD",
"id": "CVE-2020-6995"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.0,
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-056-03"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-6995"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-6995"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/47427"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.0725/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-13514"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003385"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-1167"
},
{
"db": "NVD",
"id": "CVE-2020-6995"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "0c731115-513e-49b7-8112-8834cb2de285"
},
{
"db": "CNVD",
"id": "CNVD-2020-13514"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003385"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-1167"
},
{
"db": "NVD",
"id": "CVE-2020-6995"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-02-25T00:00:00",
"db": "IVD",
"id": "0c731115-513e-49b7-8112-8834cb2de285"
},
{
"date": "2020-02-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-13514"
},
{
"date": "2020-04-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-003385"
},
{
"date": "2020-02-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202002-1167"
},
{
"date": "2020-03-24T20:15:15.100000",
"db": "NVD",
"id": "CVE-2020-6995"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-02-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-13514"
},
{
"date": "2020-04-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-003385"
},
{
"date": "2020-08-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202002-1167"
},
{
"date": "2024-11-21T05:36:27.387000",
"db": "NVD",
"id": "CVE-2020-6995"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202002-1167"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Moxa PT-7528 and PT-7828 Vulnerability in requesting weak passwords in series firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-003385"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "IVD",
"id": "0c731115-513e-49b7-8112-8834cb2de285"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-1167"
}
],
"trust": 0.8
}
}
var-202003-1601
Vulnerability from variot
In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 series firmware, Version 3.9 or lower, the affected products use a hard-coded cryptographic key, which increases the possibility that confidential data can be recovered. Moxa PT-7528 and PT-7828 Series are both Ethernet switches manufactured by Moxa
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202003-1601",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "pt-7528-8mst-16tx-4gsfp-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-16mst-8tx-4gsfp-wv-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-8mst-16tx-4gsfp-hv-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7828-f-48-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7528-24tx-wv-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-8mst-16tx-4gsfp-wv-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7828-f-24",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7528-24tx-wv-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-12mst-12tx-4gsfp-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-12mst-12tx-4gsfp-hv-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-12mst-12tx-4gsfp-wv-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7828-f-24-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7528-8msc-16tx-4gsfp-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-16mst-8tx-4gsfp-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-12msc-12tx-4gsfp-wv-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7828-r-24",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7528-8msc-16tx-4gsfp-wv-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-24tx-hv-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-12msc-12tx-4gsfp-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-16mst-8tx-4gsfp-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-24tx-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-20mst-4tx-4gsfp-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7828-r-hv-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7528-20mst-4tx-4gsfp-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7828-f-48-48",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7828-f-24-24",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7528-20mst-4tx-4gsfp-hv-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-8msc-16tx-4gsfp-hv-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-16mst-8tx-4gsfp-hv-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-20msc-4tx-4gsfp-wv-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-12mst-12tx-4gsfp-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7828-f-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7528-8mst-16tx-4gsfp-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7828-r-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7528-8ssc-16tx-4gsfp-hv-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7828-f-hv-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7528-16msc-8tx-4gsfp-wv-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-8msc-16tx-4gsfp-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7828-r-24-24",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7828-r-48-48",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7528-16msc-8tx-4gsfp-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-20msc-4tx-4gsfp-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-20msc-4tx-4gsfp-hv-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-16msc-8tx-4gsfp-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-20mst-4tx-4gsfp-wv-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-16msc-8tx-4gsfp-hv-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7828-f-48",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7828-r-48-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7828-r-48",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7528-12msc-12tx-4gsfp-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-12msc-12tx-4gsfp-hv-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-24tx-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-8ssc-16tx-4gsfp-wv-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-20msc-4tx-4gsfp-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7828-r-24-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7528-24tx-hv",
"scope": "eq",
"trust": 0.8,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-24tx-hv-hv",
"scope": "eq",
"trust": 0.8,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-24tx-wv",
"scope": "eq",
"trust": 0.8,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-24tx-wv-hv",
"scope": "eq",
"trust": 0.8,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-24tx-wv-wv",
"scope": "eq",
"trust": 0.8,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7828 f-24",
"scope": "eq",
"trust": 0.8,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7828 f-24-24",
"scope": "eq",
"trust": 0.8,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7828 f-24-hv",
"scope": "eq",
"trust": 0.8,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7828 f-48",
"scope": "eq",
"trust": 0.8,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7828 f-48-48",
"scope": "eq",
"trust": 0.8,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7828 series",
"scope": "lte",
"trust": 0.6,
"vendor": "moxa",
"version": "\u003c=3.9"
},
{
"model": "pt-7528 series",
"scope": "lte",
"trust": 0.6,
"vendor": "moxa",
"version": "\u003c=4.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 24tx hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 12mst 12tx 4gsfp hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 12mst 12tx 4gsfp hv hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 12mst 12tx 4gsfp wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 12mst 12tx 4gsfp wv wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 16msc 8tx 4gsfp hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 16msc 8tx 4gsfp hv hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 16msc 8tx 4gsfp wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 16msc 8tx 4gsfp wv wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 16mst 8tx 4gsfp hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 16mst 8tx 4gsfp hv hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 24tx hv hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 16mst 8tx 4gsfp wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 16mst 8tx 4gsfp wv wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 20msc 4tx 4gsfp hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 20msc 4tx 4gsfp hv hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 20msc 4tx 4gsfp wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 20msc 4tx 4gsfp wv wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 20mst 4tx 4gsfp hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 20mst 4tx 4gsfp hv hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 20mst 4tx 4gsfp wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 20mst 4tx 4gsfp wv wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 24tx wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 8msc 16tx 4gsfp hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 8msc 16tx 4gsfp hv hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 8msc 16tx 4gsfp wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 8msc 16tx 4gsfp wv wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 8mst 16tx 4gsfp hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 8mst 16tx 4gsfp hv hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 8mst 16tx 4gsfp wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 8mst 16tx 4gsfp wv wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 8ssc 16tx 4gsfp hv hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 8ssc 16tx 4gsfp wv wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 24tx wv hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7828 f 24",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7828 f 24 24",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7828 f 24 hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7828 f 48",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7828 f 48 48",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7828 f 48 hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7828 f hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7828 f hv hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7828 r 24",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7828 r 24 24",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 24tx wv wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7828 r 24 hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7828 r 48",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7828 r 48 48",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7828 r 48 hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7828 r hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7828 r hv hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 12msc 12tx 4gsfp hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 12msc 12tx 4gsfp hv hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 12msc 12tx 4gsfp wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 12msc 12tx 4gsfp wv wv",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "eba56277-eeb7-4731-9c4d-337185d89917"
},
{
"db": "CNVD",
"id": "CNVD-2020-13512"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003322"
},
{
"db": "NVD",
"id": "CVE-2020-6983"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:moxa:pt-7528-24tx-hv_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:moxa:pt-7528-24tx-hv-hv_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:moxa:pt-7528-24tx-wv_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:moxa:pt-7528-24tx-wv-hv_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:moxa:pt-7528-24tx-wv-wv_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:moxa:pt-7828-f-24_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:moxa:pt-7828-f-24-24_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:moxa:pt-7828-f-24-hv_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:moxa:pt-7828-f-48_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:moxa:pt-7828-f-48-48_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-003322"
}
]
},
"cve": "CVE-2020-6983",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2020-6983",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2020-003322",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2020-13512",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "eba56277-eeb7-4731-9c4d-337185d89917",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2020-6983",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2020-003322",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2020-6983",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "JVNDB-2020-003322",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2020-13512",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202002-1176",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "eba56277-eeb7-4731-9c4d-337185d89917",
"trust": 0.2,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "eba56277-eeb7-4731-9c4d-337185d89917"
},
{
"db": "CNVD",
"id": "CNVD-2020-13512"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003322"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-1176"
},
{
"db": "NVD",
"id": "CVE-2020-6983"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 series firmware, Version 3.9 or lower, the affected products use a hard-coded cryptographic key, which increases the possibility that confidential data can be recovered. Moxa PT-7528 and PT-7828 Series are both Ethernet switches manufactured by Moxa",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-6983"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003322"
},
{
"db": "CNVD",
"id": "CNVD-2020-13512"
},
{
"db": "IVD",
"id": "eba56277-eeb7-4731-9c4d-337185d89917"
}
],
"trust": 2.34
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-6983",
"trust": 3.2
},
{
"db": "ICS CERT",
"id": "ICSA-20-056-03",
"trust": 3.0
},
{
"db": "CNVD",
"id": "CNVD-2020-13512",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202002-1176",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003322",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2020.0725",
"trust": 0.6
},
{
"db": "IVD",
"id": "EBA56277-EEB7-4731-9C4D-337185D89917",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "eba56277-eeb7-4731-9c4d-337185d89917"
},
{
"db": "CNVD",
"id": "CNVD-2020-13512"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003322"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-1176"
},
{
"db": "NVD",
"id": "CVE-2020-6983"
}
]
},
"id": "VAR-202003-1601",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "eba56277-eeb7-4731-9c4d-337185d89917"
},
{
"db": "CNVD",
"id": "CNVD-2020-13512"
}
],
"trust": 1.5375
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS",
"Network device"
],
"sub_category": null,
"trust": 0.6
},
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "eba56277-eeb7-4731-9c4d-337185d89917"
},
{
"db": "CNVD",
"id": "CNVD-2020-13512"
}
]
},
"last_update_date": "2024-11-23T21:36:01.593000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.moxa.com/en/"
},
{
"title": "Patch for Moxa PT-7528 and PT-7828 Series Hardcoded Vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/204853"
},
{
"title": "Moxa PT-7528 and PT-7828 Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=110372"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-13512"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003322"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-1176"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-798",
"trust": 1.8
},
{
"problemtype": "CWE-321",
"trust": 1.0
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-003322"
},
{
"db": "NVD",
"id": "CVE-2020-6983"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.0,
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-056-03"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-6983"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-6983"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.0725/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-13512"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003322"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-1176"
},
{
"db": "NVD",
"id": "CVE-2020-6983"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "eba56277-eeb7-4731-9c4d-337185d89917"
},
{
"db": "CNVD",
"id": "CNVD-2020-13512"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003322"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-1176"
},
{
"db": "NVD",
"id": "CVE-2020-6983"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-02-25T00:00:00",
"db": "IVD",
"id": "eba56277-eeb7-4731-9c4d-337185d89917"
},
{
"date": "2020-02-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-13512"
},
{
"date": "2020-04-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-003322"
},
{
"date": "2020-02-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202002-1176"
},
{
"date": "2020-03-24T19:15:21.257000",
"db": "NVD",
"id": "CVE-2020-6983"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-02-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-13512"
},
{
"date": "2020-04-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-003322"
},
{
"date": "2020-04-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202002-1176"
},
{
"date": "2024-11-21T05:36:25.897000",
"db": "NVD",
"id": "CVE-2020-6983"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202002-1176"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Moxa PT-7528 and PT-7828 Vulnerability in using hard-coded credentials in series firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-003322"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "trust management problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202002-1176"
}
],
"trust": 0.6
}
}
var-202003-1665
Vulnerability from variot
In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 series firmware, Version 3.9 or lower, an attacker can gain access to sensitive information from the web service without authorization. Moxa PT-7528 and PT-7828 Series are both Ethernet switches manufactured by Moxa. Attackers can use this vulnerability to obtain sensitive information
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202003-1665",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "pt-7528-8mst-16tx-4gsfp-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-16mst-8tx-4gsfp-wv-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-8mst-16tx-4gsfp-hv-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7828-f-48-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7528-24tx-wv-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-8mst-16tx-4gsfp-wv-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7828-f-24",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7528-24tx-wv-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-12mst-12tx-4gsfp-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-12mst-12tx-4gsfp-hv-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-12mst-12tx-4gsfp-wv-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7828-f-24-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7528-8msc-16tx-4gsfp-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-16mst-8tx-4gsfp-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-12msc-12tx-4gsfp-wv-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7828-r-24",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7528-8msc-16tx-4gsfp-wv-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-24tx-hv-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-12msc-12tx-4gsfp-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-16mst-8tx-4gsfp-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-24tx-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-20mst-4tx-4gsfp-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7828-r-hv-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7528-20mst-4tx-4gsfp-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7828-f-48-48",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7828-f-24-24",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7528-20mst-4tx-4gsfp-hv-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-8msc-16tx-4gsfp-hv-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-16mst-8tx-4gsfp-hv-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-20msc-4tx-4gsfp-wv-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-12mst-12tx-4gsfp-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7828-f-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7528-8mst-16tx-4gsfp-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7828-r-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7528-8ssc-16tx-4gsfp-hv-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7828-f-hv-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7528-16msc-8tx-4gsfp-wv-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-8msc-16tx-4gsfp-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7828-r-24-24",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7828-r-48-48",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7528-16msc-8tx-4gsfp-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-20msc-4tx-4gsfp-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-20msc-4tx-4gsfp-hv-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-16msc-8tx-4gsfp-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-20mst-4tx-4gsfp-wv-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-16msc-8tx-4gsfp-hv-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7828-f-48",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7828-r-48-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7828-r-48",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7528-12msc-12tx-4gsfp-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-12msc-12tx-4gsfp-hv-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-24tx-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-8ssc-16tx-4gsfp-wv-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-20msc-4tx-4gsfp-wv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7828-r-24-hv",
"scope": "lte",
"trust": 1.0,
"vendor": "moxa",
"version": "3.9"
},
{
"model": "pt-7528-12msc-12tx-4gsfp-hv",
"scope": "eq",
"trust": 0.8,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-12msc-12tx-4gsfp-hv-hv",
"scope": "eq",
"trust": 0.8,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-12msc-12tx-4gsfp-wv",
"scope": "eq",
"trust": 0.8,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-12msc-12tx-4gsfp-wv-wv",
"scope": "eq",
"trust": 0.8,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-12mst-12tx-4gsfp-hv",
"scope": "eq",
"trust": 0.8,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-24tx-hv",
"scope": "eq",
"trust": 0.8,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-24tx-hv-hv",
"scope": "eq",
"trust": 0.8,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-24tx-wv",
"scope": "eq",
"trust": 0.8,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-24tx-wv-hv",
"scope": "eq",
"trust": 0.8,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7528-24tx-wv-wv",
"scope": "eq",
"trust": 0.8,
"vendor": "moxa",
"version": "4.0"
},
{
"model": "pt-7828 series",
"scope": "lte",
"trust": 0.6,
"vendor": "moxa",
"version": "\u003c=3.9"
},
{
"model": "pt-7528 series",
"scope": "lte",
"trust": 0.6,
"vendor": "moxa",
"version": "\u003c=4.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 24tx hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 12mst 12tx 4gsfp hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 12mst 12tx 4gsfp hv hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 12mst 12tx 4gsfp wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 12mst 12tx 4gsfp wv wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 16msc 8tx 4gsfp hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 16msc 8tx 4gsfp hv hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 16msc 8tx 4gsfp wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 16msc 8tx 4gsfp wv wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 16mst 8tx 4gsfp hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 16mst 8tx 4gsfp hv hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 24tx hv hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 16mst 8tx 4gsfp wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 16mst 8tx 4gsfp wv wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 20msc 4tx 4gsfp hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 20msc 4tx 4gsfp hv hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 20msc 4tx 4gsfp wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 20msc 4tx 4gsfp wv wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 20mst 4tx 4gsfp hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 20mst 4tx 4gsfp hv hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 20mst 4tx 4gsfp wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 20mst 4tx 4gsfp wv wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 24tx wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 8msc 16tx 4gsfp hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 8msc 16tx 4gsfp hv hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 8msc 16tx 4gsfp wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 8msc 16tx 4gsfp wv wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 8mst 16tx 4gsfp hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 8mst 16tx 4gsfp hv hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 8mst 16tx 4gsfp wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 8mst 16tx 4gsfp wv wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 8ssc 16tx 4gsfp hv hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 8ssc 16tx 4gsfp wv wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 24tx wv hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7828 f 24",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7828 f 24 24",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7828 f 24 hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7828 f 48",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7828 f 48 48",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7828 f 48 hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7828 f hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7828 f hv hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7828 r 24",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7828 r 24 24",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 24tx wv wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7828 r 24 hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7828 r 48",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7828 r 48 48",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7828 r 48 hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7828 r hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7828 r hv hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 12msc 12tx 4gsfp hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 12msc 12tx 4gsfp hv hv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 12msc 12tx 4gsfp wv",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "pt 7528 12msc 12tx 4gsfp wv wv",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "d3266e45-a69a-4140-ae05-e8339f6a6691"
},
{
"db": "CNVD",
"id": "CNVD-2020-13507"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003384"
},
{
"db": "NVD",
"id": "CVE-2020-6993"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:moxa:pt-7528-12msc-12tx-4gsfp-hv_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:moxa:pt-7528-12msc-12tx-4gsfp-hv-hv_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:moxa:pt-7528-12msc-12tx-4gsfp-wv_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:moxa:pt-7528-12msc-12tx-4gsfp-wv-wv_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:moxa:pt-7528-12mst-12tx-4gsfp-hv_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:moxa:pt-7528-24tx-hv_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:moxa:pt-7528-24tx-hv-hv_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:moxa:pt-7528-24tx-wv_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:moxa:pt-7528-24tx-wv-hv_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:moxa:pt-7528-24tx-wv-wv_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-003384"
}
]
},
"cve": "CVE-2020-6993",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2020-6993",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2020-003384",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2020-13507",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "d3266e45-a69a-4140-ae05-e8339f6a6691",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.9 [IVD]"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2020-6993",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2020-003384",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2020-6993",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "JVNDB-2020-003384",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2020-13507",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-202002-1164",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "d3266e45-a69a-4140-ae05-e8339f6a6691",
"trust": 0.2,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "d3266e45-a69a-4140-ae05-e8339f6a6691"
},
{
"db": "CNVD",
"id": "CNVD-2020-13507"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003384"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-1164"
},
{
"db": "NVD",
"id": "CVE-2020-6993"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 series firmware, Version 3.9 or lower, an attacker can gain access to sensitive information from the web service without authorization. Moxa PT-7528 and PT-7828 Series are both Ethernet switches manufactured by Moxa. Attackers can use this vulnerability to obtain sensitive information",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-6993"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003384"
},
{
"db": "CNVD",
"id": "CNVD-2020-13507"
},
{
"db": "IVD",
"id": "d3266e45-a69a-4140-ae05-e8339f6a6691"
}
],
"trust": 2.34
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-6993",
"trust": 3.2
},
{
"db": "ICS CERT",
"id": "ICSA-20-056-03",
"trust": 3.0
},
{
"db": "CNVD",
"id": "CNVD-2020-13507",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202002-1164",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003384",
"trust": 0.8
},
{
"db": "NSFOCUS",
"id": "47431",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "47492",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.0725",
"trust": 0.6
},
{
"db": "IVD",
"id": "D3266E45-A69A-4140-AE05-E8339F6A6691",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "d3266e45-a69a-4140-ae05-e8339f6a6691"
},
{
"db": "CNVD",
"id": "CNVD-2020-13507"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003384"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-1164"
},
{
"db": "NVD",
"id": "CVE-2020-6993"
}
]
},
"id": "VAR-202003-1665",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "d3266e45-a69a-4140-ae05-e8339f6a6691"
},
{
"db": "CNVD",
"id": "CNVD-2020-13507"
}
],
"trust": 1.5375
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS",
"Network device"
],
"sub_category": null,
"trust": 0.6
},
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "d3266e45-a69a-4140-ae05-e8339f6a6691"
},
{
"db": "CNVD",
"id": "CNVD-2020-13507"
}
]
},
"last_update_date": "2024-11-23T21:36:01.354000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.moxa.com/en/"
},
{
"title": "Patch for Moxa PT-7528 and PT-7828 Series Information Disclosure Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/204859"
},
{
"title": "Moxa PT-7528 and PT-7828 Repair measures for information disclosure vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=110364"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-13507"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003384"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-1164"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-003384"
},
{
"db": "NVD",
"id": "CVE-2020-6993"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.0,
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-056-03"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-6993"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-6993"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/47492"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.0725/"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/47431"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2020-13507"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003384"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-1164"
},
{
"db": "NVD",
"id": "CVE-2020-6993"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "d3266e45-a69a-4140-ae05-e8339f6a6691"
},
{
"db": "CNVD",
"id": "CNVD-2020-13507"
},
{
"db": "JVNDB",
"id": "JVNDB-2020-003384"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-1164"
},
{
"db": "NVD",
"id": "CVE-2020-6993"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-02-25T00:00:00",
"db": "IVD",
"id": "d3266e45-a69a-4140-ae05-e8339f6a6691"
},
{
"date": "2020-02-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-13507"
},
{
"date": "2020-04-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-003384"
},
{
"date": "2020-02-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202002-1164"
},
{
"date": "2020-03-24T20:15:15.023000",
"db": "NVD",
"id": "CVE-2020-6993"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-02-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2020-13507"
},
{
"date": "2020-04-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2020-003384"
},
{
"date": "2020-08-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202002-1164"
},
{
"date": "2024-11-21T05:36:27.113000",
"db": "NVD",
"id": "CVE-2020-6993"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202002-1164"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Moxa PT-7528 and PT-7828 Information leakage vulnerability in series firmware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2020-003384"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202002-1164"
}
],
"trust": 0.6
}
}
CVE-2024-12297 (GCVE-0-2024-12297)
Vulnerability from cvelistv5
Published
2025-01-15 10:00
Modified
2025-03-06 08:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-656 - Reliance on Security Through Obscurity
Summary
Moxa’s Ethernet switch is vulnerable to an authentication bypass because of flaws in its authorization mechanism. Although both client-side and back-end server verification are involved in the process, attackers can exploit weaknesses in its implementation. These vulnerabilities may enable brute-force attacks to guess valid credentials or MD5 collision attacks to forge authentication hashes, potentially compromising the security of the device.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| â–¼ | Moxa | EDS-508A Series |
Version: 1.0 < |
||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-12297",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-15T14:49:11.063174Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-15T14:49:22.117Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "EDS-508A Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.11",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PT-508 Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.8",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PT-510 Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.8",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PT-7528 Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "5.0",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PT-7728 Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.9",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PT-7828 Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "4.0",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PT-G503 Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "5.3",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PT-G510 Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "6.5",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PT-G7728 Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "6.5",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PT-G7828 Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "6.5",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Artem Turyshev from Rosatom Automated Control Systems Joint-Stock Company"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Moxa\u2019s Ethernet switch is vulnerable to an authentication bypass because of flaws in its authorization mechanism. Although both client-side and back-end server verification are involved in the process, attackers can exploit weaknesses in its implementation. These vulnerabilities may enable brute-force attacks to guess valid credentials or MD5 collision attacks to forge authentication hashes, potentially compromising the security of the device.\u003cbr\u003e"
}
],
"value": "Moxa\u2019s Ethernet switch is vulnerable to an authentication bypass because of flaws in its authorization mechanism. Although both client-side and back-end server verification are involved in the process, attackers can exploit weaknesses in its implementation. These vulnerabilities may enable brute-force attacks to guess valid credentials or MD5 collision attacks to forge authentication hashes, potentially compromising the security of the device."
}
],
"impacts": [
{
"capecId": "CAPEC-49",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-49: Password Brute Forcing"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 9.2,
"baseSeverity": "CRITICAL",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-656",
"description": "CWE-656: Reliance on Security Through Obscurity",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-06T08:27:52.297Z",
"orgId": "2e0a0ee2-d866-482a-9f5e-ac03d156dbaa",
"shortName": "Moxa"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-241407-cve-2024-12297-frontend-authorization-logic-disclosure-vulnerability-in-eds-508a-series"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-241408-cve-2024-12297-frontend-authorization-logic-disclosure-vulnerability-identified-in-pt-switches"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eMoxa has released appropriate solutions to address vulnerability. The solutions for the affected products are listed below.\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003cp\u003eEDS-508A Series: Please contact Moxa Technical Support for the security patch\u003c/p\u003e\u003c/li\u003e\u003cli\u003e\u003cp\u003ePT Series:\u0026nbsp;Please contact Moxa Technical Support for the security patch\u003cbr\u003e\u003cbr\u003e\u003c/p\u003e\u003c/li\u003e\u003c/ul\u003e"
}
],
"value": "Moxa has released appropriate solutions to address vulnerability. The solutions for the affected products are listed below.\n\n * EDS-508A Series: Please contact Moxa Technical Support for the security patch\n\n\n * PT Series:\u00a0Please contact Moxa Technical Support for the security patch"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Frontend Authorization Logic Disclosure Vulnerability",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cul\u003e\u003cli\u003eMinimize network exposure to ensure the device is not accessible from the Internet.\u003c/li\u003e\u003cli\u003eLimit SSH access to trusted IP addresses and networks using firewall rules or TCP wrappers. \u003c/li\u003e\u003cli\u003eImplement IDS or Intrusion Prevention System (IPS) to detect and prevent exploitation attempts. These systems can provide an additional layer of defense by monitoring network traffic for signs of attacks. \u003c/li\u003e\u003c/ul\u003e\u003cbr\u003e"
}
],
"value": "* Minimize network exposure to ensure the device is not accessible from the Internet.\n * Limit SSH access to trusted IP addresses and networks using firewall rules or TCP wrappers. \n * Implement IDS or Intrusion Prevention System (IPS) to detect and prevent exploitation attempts. These systems can provide an additional layer of defense by monitoring network traffic for signs of attacks."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "2e0a0ee2-d866-482a-9f5e-ac03d156dbaa",
"assignerShortName": "Moxa",
"cveId": "CVE-2024-12297",
"datePublished": "2025-01-15T10:00:46.524Z",
"dateReserved": "2024-12-06T04:02:40.742Z",
"dateUpdated": "2025-03-06T08:27:52.297Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-9404 (GCVE-0-2024-9404)
Vulnerability from cvelistv5
Published
2024-12-04 03:54
Modified
2025-08-27 21:36
Severity ?
6.9 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
8.7 (High) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
8.7 (High) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
VLAI Severity ?
EPSS score ?
CWE
- CWE-1287 - Improper Validation of Specified Type of Input
Summary
This vulnerability could lead to denial-of-service or service crashes. Exploitation of the moxa_cmd service, because of insufficient input validation, allows attackers to disrupt operations. If exposed to public networks, the vulnerability poses a significant remote threat, potentially allowing attackers to shut down affected systems.
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9404",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-04T20:10:01.447858Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-27T21:36:46.745Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "VPort 07-3 Series",
"vendor": "Moxa",
"versions": [
{
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EDS-608 Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.12",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EDS-611 Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.12",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EDS-616 Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.12",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EDS-619 Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.12",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EDS-405A Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.14",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EDS-408A Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.12",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EDS-505A Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.11",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EDS-508A Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.11",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EDS-510A Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.12",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EDS-516A Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.11",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EDS-518A Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.11",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EDS-G509 Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.10",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EDS-P510 Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.11",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EDS-P510A Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.11",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EDS-510E Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "5.5",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EDS-518E Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "6.3",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EDS-528E Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "6.3",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EDS-G508E Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "6.4",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EDS-G512E Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "6.4",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EDS-G516E Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "6.4",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EDS-P506E Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "5.8",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ICS-G7526A Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "5.10",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ICS-G7528A Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "5.10",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ICS-G7748A Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "5.9",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ICS-G7750A Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "5.9",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ICS-G7752A Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "5.9",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ICS-G7826A Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "5.10",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ICS-G7828A Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "5.10",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ICS-G7848A Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "5.9",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ICS-G7850A Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "5.9",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ICS-G7852A Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "5.9",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "IKS-G6524A Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "5.10",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "IKS-6726A Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "5.9",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "IKS-6728A Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "5.9",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "IKS-G6824A Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "5.10",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SDS-3006 Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.0",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SDS-3008 Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.0",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SDS-3010 Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.0",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SDS-3016 Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.0",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SDS-G3006 Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.0",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SDS-G3008 Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.0",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SDS-G3010 Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.0",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SDS-G3016 Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.0",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PT-7728 Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.9",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PT-7828 Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "4.0",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PT-G503 Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "5.3",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PT-G510 Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "6.5",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "YU-HSIANG HUANG (huang.yuhsiang.phone@gmail.com) from Moxa\u0027s cybersecurity testing team"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003e\u003c/p\u003e\u003cp\u003eThis vulnerability could lead to denial-of-service or service crashes. Exploitation of the moxa_cmd service, because of insufficient input validation, allows attackers to disrupt operations. If exposed to public networks, the vulnerability poses a significant remote threat, potentially allowing attackers to shut down affected systems.\u003cbr\u003e\u003c/p\u003e\u003cp\u003e\u003c/p\u003e"
}
],
"value": "This vulnerability could lead to denial-of-service or service crashes. Exploitation of the moxa_cmd service, because of insufficient input validation, allows attackers to disrupt operations. If exposed to public networks, the vulnerability poses a significant remote threat, potentially allowing attackers to shut down affected systems."
}
],
"impacts": [
{
"capecId": "CAPEC-6",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-6: Argument Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "Limited Impact: In some cases, the vulnerability may only cause the network server service (HTTPS on port 443) to restart. This does not disrupt the device\u2019s core functions, and after an automatic restart, the service resumes normal operation."
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "Limited Impact: In some cases, the vulnerability may only cause the network server service (HTTPS on port 443) to restart. This does not disrupt the device\u2019s core functions, and after an automatic restart, the service resumes normal operation."
}
]
},
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "Higher Impact: In more severe exploitation scenarios, attackers can leverage the Moxa service (moxa_cmd), originally intended for deployment purposes. Due to insufficient input validation, this can lead to a cold start or a denial-of-service (DoS) condition, resulting in a full device reboot and potential service disruptions."
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "Higher Impact: In more severe exploitation scenarios, attackers can leverage the Moxa service (moxa_cmd), originally intended for deployment purposes. Due to insufficient input validation, this can lead to a cold start or a denial-of-service (DoS) condition, resulting in a full device reboot and potential service disruptions."
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1287",
"description": "CWE-1287: Improper Validation of Specified Type of Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-20T01:56:28.176Z",
"orgId": "2e0a0ee2-d866-482a-9f5e-ac03d156dbaa",
"shortName": "Moxa"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-240930-cve-2024-9404-denial-of-service-vulnerability-identified-in-the-vport-07-3-series"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-240931-cve-2024-9404-denial-of-service-vulnerability-identified-in-multiple-eds,-ics,-iks,-and-sds-switches"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-240933-cve-2024-9404-denial-of-service-vulnerability-identified-in-multiple-pt-switches"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003ePlease refer to the security advisories:\u003cbr\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.moxa.com/en/support/product-support/security-advisory/mpsa-240930-cve-2024-9404-denial-of-service-vulnerability-identified-in-the-vport-07-3-series\"\u003eCVE-2024-9404: Denial-of-Service Vulnerability Identified in the VPort 07-3 Series\u003c/a\u003e\u003cbr\u003e\u003c/li\u003e\u003cli\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.moxa.com/en/support/product-support/security-advisory/mpsa-240931-cve-2024-9404-denial-of-service-vulnerability-identified-in-multiple-eds,-ics,-iks,-and-sds-switches\"\u003eCVE-2024-9404: Denial-of-Service Vulnerability Identified in Multiple EDS, ICS, IKS, and SDS Switches\u003c/a\u003e\u003cbr\u003e\u003c/li\u003e\u003cli\u003eCVE-2024-9404: Denial-of-Service Vulnerability Identified in Multiple PT Switches\u003cbr\u003e\u003c/li\u003e\u003c/ul\u003e\u003cp\u003e\u003c/p\u003e"
}
],
"value": "Please refer to the security advisories:\n\n\n * CVE-2024-9404: Denial-of-Service Vulnerability Identified in the VPort 07-3 Series https://www.moxa.com/en/support/product-support/security-advisory/mpsa-240930-cve-2024-9404-denial-of-service-vulnerability-identified-in-the-vport-07-3-series \n\n * CVE-2024-9404: Denial-of-Service Vulnerability Identified in Multiple EDS, ICS, IKS, and SDS Switches https://www.moxa.com/en/support/product-support/security-advisory/mpsa-240931-cve-2024-9404-denial-of-service-vulnerability-identified-in-multiple-eds,-ics,-iks,-and-sds-switches \n\n * CVE-2024-9404: Denial-of-Service Vulnerability Identified in Multiple PT Switches"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Denial-of-Service Vulnerability",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eTo mitigate the risks\nassociated with this vulnerability, we recommend the following actions:\u003c/p\u003e\n\n\u003cul\u003e\n \u003cli\u003eDisable Moxa Service and Moxa Service\n (Encrypted) temporarily if they are not required for operations. This will\n minimize potential attack vectors until a patch or updated firmware is\n applied.\u003c/li\u003e\n\u003c/ul\u003e"
}
],
"value": "To mitigate the risks\nassociated with this vulnerability, we recommend the following actions:\n\n\n\n\n * Disable Moxa Service and Moxa Service\n (Encrypted) temporarily if they are not required for operations. This will\n minimize potential attack vectors until a patch or updated firmware is\n applied."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "2e0a0ee2-d866-482a-9f5e-ac03d156dbaa",
"assignerShortName": "Moxa",
"cveId": "CVE-2024-9404",
"datePublished": "2024-12-04T03:54:32.073Z",
"dateReserved": "2024-10-01T06:37:38.790Z",
"dateUpdated": "2025-08-27T21:36:46.745Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-7695 (GCVE-0-2024-7695)
Vulnerability from cvelistv5
Published
2025-01-29 07:42
Modified
2025-02-22 14:48
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
8.7 (High) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
8.7 (High) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
VLAI Severity ?
EPSS score ?
CWE
- CWE-787 - Out-of-bounds Write
Summary
Multiple switches are affected by an out-of-bounds write vulnerability. This vulnerability is caused by insufficient input validation, which allows data to be written to memory outside the bounds of the buffer. Successful exploitation of this vulnerability could result in a denial-of-service attack.
References
| â–¼ | URL | Tags |
|---|---|---|
| https://www.moxa.com/en/support/product-support/security-advisory/mpsa-240162-cve-2024-7695-out-of-bounds-write-vulnerability-identified-in-multiple-pt-switches | vendor-advisory | |
| https://www.moxa.com/en/support/product-support/security-advisory/mpsa-240163-cve-2024-7695-out-of-bounds-write-vulnerability-in-multiple-eds,-ics,-iks,-and-sds-switches | vendor-advisory | |
| https://www.moxa.com/en/support/product-support/security-advisory/mpsa-240164-cve-2024-7695-out-of-bounds-write-vulnerability-identified-in-en-50155-switches | vendor-advisory |
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| â–¼ | Moxa | PT-7728 Series |
Version: 1.0 < |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-7695",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-29T14:21:18.811300Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-12T19:51:14.928Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PT-7728 Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.9",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PT-7828 Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "4.0",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PT-G503 Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "5.3",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PT-G510 Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "6.5",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PT-G7728 Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "6.4",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PT-G7828 Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "6.4",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EDS-608 Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.12",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EDS-611 Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.12",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EDS-616 Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.12",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EDS-619 Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.12",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EDS-405A Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.14",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EDS-408A Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.12",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EDS-505A Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.11",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EDS-508A Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.11",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EDS-510A Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.12",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EDS-516A Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.11",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EDS-518A Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.11",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EDS-G509 Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.10",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EDS-P510 Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.11",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EDS-P510A Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.11",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EDS-510E Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "5.5",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EDS-518E Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "6.3",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EDS-528E Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "6.3",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EDS-G508E Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "6.4",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EDS-G512E Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "6.4",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EDS-G516E Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "6.4",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EDS-P506E Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "5.8",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ICS-G7526A Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "5.10",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ICS-G7528A Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "5.10",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ICS-G7748A Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "5.9",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ICS-G7750A Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "5.9",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ICS-G7752A Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "5.9",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ICS-G7826A Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "5.10",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ICS-G7828A Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "5.10",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ICS-G7848A Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "5.9",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ICS-G7850A Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "5.9",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ICS-G7852A Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "5.9",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "IKS-G6524A Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "5.10",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "IKS-6726A Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "5.9",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "IKS-6728A Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "5.9",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "IKS-G6824A Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "5.10",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SDS-3006 Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.0",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SDS-3008 Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.0",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SDS-3010 Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.0",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SDS-3016 Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.0",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SDS-G3006 Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.0",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SDS-G3008 Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.0",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SDS-G3010 Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.0",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SDS-G3016 Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.0",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TN-G4500 Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "5.3",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TN-G6500 Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "5.4",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eMultiple switches are affected by an out-of-bounds write vulnerability. This vulnerability is caused by insufficient input validation, which allows data to be written to memory outside the bounds of the buffer. Successful exploitation of this vulnerability could result in a denial-of-service attack. \u003cbr\u003e\u003c/p\u003e"
}
],
"value": "Multiple switches are affected by an out-of-bounds write vulnerability. This vulnerability is caused by insufficient input validation, which allows data to be written to memory outside the bounds of the buffer. Successful exploitation of this vulnerability could result in a denial-of-service attack."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100: Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787: Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-22T14:48:56.211Z",
"orgId": "2e0a0ee2-d866-482a-9f5e-ac03d156dbaa",
"shortName": "Moxa"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-240162-cve-2024-7695-out-of-bounds-write-vulnerability-identified-in-multiple-pt-switches"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-240163-cve-2024-7695-out-of-bounds-write-vulnerability-in-multiple-eds,-ics,-iks,-and-sds-switches"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-240164-cve-2024-7695-out-of-bounds-write-vulnerability-identified-in-en-50155-switches"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Please refer to the security advisories:\u003cbr\u003e\u003cul\u003e\u003cli\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.moxa.com/en/support/product-support/security-advisory/mpsa-240162-cve-2024-7695-out-of-bounds-write-vulnerability-identified-in-multiple-pt-switches\"\u003eCVE-2024-7695: Out-of-bounds Write Vulnerability Identified in Multiple PT Switches\u003c/a\u003e\u003cbr\u003e\u003c/li\u003e\u003cli\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.moxa.com/en/support/product-support/security-advisory/mpsa-240163-cve-2024-7695-out-of-bounds-write-vulnerability-in-multiple-eds,-ics,-iks,-and-sds-switches\"\u003eCVE-2024-7695: Out-of-bounds Write Vulnerability in Multiple EDS, ICS, IKS, and SDS Switches\u003c/a\u003e\u003cbr\u003e\u003c/li\u003e\u003cli\u003eCVE-2024-7695: Out-of-bounds Write Vulnerability Identified in EN 50155 Switches\u003cbr\u003e\u003c/li\u003e\u003c/ul\u003e"
}
],
"value": "Please refer to the security advisories:\n * CVE-2024-7695: Out-of-bounds Write Vulnerability Identified in Multiple PT Switches https://www.moxa.com/en/support/product-support/security-advisory/mpsa-240162-cve-2024-7695-out-of-bounds-write-vulnerability-identified-in-multiple-pt-switches \n\n * CVE-2024-7695: Out-of-bounds Write Vulnerability in Multiple EDS, ICS, IKS, and SDS Switches https://www.moxa.com/en/support/product-support/security-advisory/mpsa-240163-cve-2024-7695-out-of-bounds-write-vulnerability-in-multiple-eds,-ics,-iks,-and-sds-switches \n\n * CVE-2024-7695: Out-of-bounds Write Vulnerability Identified in EN 50155 Switches"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "Out-of-bounds Write Vulnerability",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003e\u003cp\u003eTo mitigate the risks associated with this vulnerability, we recommend the following actions: \u003c/p\u003e\u003c/div\u003e\u003cdiv\u003e\u003cul\u003e\u003cli\u003e\u003cp\u003eDisable Moxa Service and Moxa Service (Encrypted) temporarily if they are not required for operations. This will minimize potential attack vectors until a patch or updated firmware is applied.\u003c/p\u003e\u003c/li\u003e\u003c/ul\u003e\u003c/div\u003e"
}
],
"value": "To mitigate the risks associated with this vulnerability, we recommend the following actions: \n\n\n\n * Disable Moxa Service and Moxa Service (Encrypted) temporarily if they are not required for operations. This will minimize potential attack vectors until a patch or updated firmware is applied."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "2e0a0ee2-d866-482a-9f5e-ac03d156dbaa",
"assignerShortName": "Moxa",
"cveId": "CVE-2024-7695",
"datePublished": "2025-01-29T07:42:54.913Z",
"dateReserved": "2024-08-12T03:06:13.231Z",
"dateUpdated": "2025-02-22T14:48:56.211Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-9137 (GCVE-0-2024-9137)
Vulnerability from cvelistv5
Published
2024-10-14 08:09
Modified
2025-09-19 08:08
Severity ?
8.8 (High) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N
9.4 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H
9.4 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H
VLAI Severity ?
EPSS score ?
CWE
- CWE-306 - Missing Authentication for Critical Function
Summary
The affected product lacks an authentication check when sending commands to the server via the Moxa service. This vulnerability allows an attacker to execute specified commands, potentially leading to unauthorized downloads or uploads of configuration files and system compromise.
References
| â–¼ | URL | Tags |
|---|---|---|
| https://www.moxa.com/en/support/product-support/security-advisory/mpsa-241154-missing-authentication-and-os-command-injection-vulnerabilities-in-routers-and-network-security-appliances | vendor-advisory | |
| https://www.moxa.com/en/support/product-support/security-advisory/mpsa-241156-cve-2024-9137-missing-authentication-vulnerability-in-ethernet-switches | vendor-advisory |
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| â–¼ | Moxa | EDR-8010 Series |
Version: 1.0 < |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:moxa:edr-g9010:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "edr-g9010",
"vendor": "moxa",
"versions": [
{
"lessThanOrEqual": "3.12.1",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:moxa:nat-102:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "nat-102",
"vendor": "moxa",
"versions": [
{
"lessThanOrEqual": "1.0.5",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:moxa:tn-4900:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "tn-4900",
"vendor": "moxa",
"versions": [
{
"lessThanOrEqual": "3.6",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:moxa:oncell_g4302-lte4:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "oncell_g4302-lte4",
"vendor": "moxa",
"versions": [
{
"lessThanOrEqual": "3.9",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:moxa:edf-g1002-bp:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "edf-g1002-bp",
"vendor": "moxa",
"versions": [
{
"lessThanOrEqual": "3.12.1",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:moxa:edr-g9004:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "edr-g9004",
"vendor": "moxa",
"versions": [
{
"lessThanOrEqual": "3.12.1",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:moxa:edr-8010:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "edr-8010",
"vendor": "moxa",
"versions": [
{
"lessThanOrEqual": "3.12.1",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9137",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-14T15:27:27.483068Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-15T14:32:26.853Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "EDR-8010 Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.12.1",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EDR-G9004 Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.12.1",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EDR-G9010 Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.12.1",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EDF-G1002-BP Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.12.1",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NAT-102 Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "1.0.5",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "OnCell G4302-LTE4 Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.9",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TN-4900 Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.6",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EDS-608 Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.12",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EDS-611 Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.12",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EDS-616 Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.12",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EDS-619 Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.12",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EDS-405A Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.14",
"status": "affected",
"version": "1.0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "3.14.4",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EDS-408A Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.12",
"status": "affected",
"version": "1.0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "3.14.6",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EDS-505A Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.11",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EDS-508A Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.11",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EDS-510A Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.12",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EDS-516A Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.11",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EDS-518A Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.11",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EDS-G509 Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.10",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EDS-P510 Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.11",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EDS-P510A Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.11",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EDS-510E Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "5.5",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EDS-518E Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "6.3",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EDS-528E Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "6.3",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EDS-G508E Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "6.4",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EDS-G512E Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "6.4",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EDS-G516E Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "6.4",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "EDS-P506E Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "5.8",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ICS-G7526A Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "5.10",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ICS-G7528A Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "5.10",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ICS-G7748A Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "5.9",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ICS-G7750A Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "5.9",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ICS-G7752A Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "5.9",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ICS-G7826A Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "5.10",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ICS-G7828A Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "5.10",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ICS-G7848A Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "5.9",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ICS-G7850A Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "5.9",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ICS-G7852A Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "5.9",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "IKS-G6524A Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "5.10",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "IKS-6726A Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "5.9",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "IKS-6728A Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "5.9",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "IKS-G6824A Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "5.10",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SDS-3006 Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.0",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SDS-3008 Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.0",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SDS-3010 Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.0",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SDS-3016 Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.0",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SDS-G3006 Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.0",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SDS-G3008 Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.0",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SDS-G3010 Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.0",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "SDS-G3016 Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.0",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PT-7728 Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.9",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PT-7828 Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "4.0",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PT-G503 Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "5.3",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PT-G510 Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "6.5",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PT-G7728 Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "6.4",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PT-G7828 Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "6.4",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TN-4500A Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.13",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TN-5500A Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "3.13",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TN-G4500 Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "5.5",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "TN-G6500 Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "5.5",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Lars Haulin"
}
],
"datePublic": "2024-10-14T08:07:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThe affected product lacks an authentication check when sending commands to the server via the Moxa service. This vulnerability allows an attacker to execute specified commands, potentially leading to unauthorized downloads or uploads of configuration files and system compromise.\u003c/p\u003e"
}
],
"value": "The affected product lacks an authentication check when sending commands to the server via the Moxa service. This vulnerability allows an attacker to execute specified commands, potentially leading to unauthorized downloads or uploads of configuration files and system compromise."
}
],
"impacts": [
{
"capecId": "CAPEC-216",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-216 Communication Channel Manipulation"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.4,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306 Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-19T08:08:52.357Z",
"orgId": "2e0a0ee2-d866-482a-9f5e-ac03d156dbaa",
"shortName": "Moxa"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-241154-missing-authentication-and-os-command-injection-vulnerabilities-in-routers-and-network-security-appliances"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-241156-cve-2024-9137-missing-authentication-vulnerability-in-ethernet-switches"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Please refer to the security advisories:\u003cbr\u003e\u003cul\u003e\u003cli\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.moxa.com/en/support/product-support/security-advisory/mpsa-241154-missing-authentication-and-os-command-injection-vulnerabilities-in-routers-and-network-security-appliances\"\u003eMissing Authentication and OS Command Injection Vulnerabilities in Cellular Routers, Secure Routers, and Network Security Appliances\u003c/a\u003e\u003cbr\u003e\u003c/li\u003e\u003cli\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.moxa.com/en/support/product-support/security-advisory/mpsa-241156-cve-2024-9137-missing-authentication-vulnerability-in-ethernet-switches\"\u003eCVE-2024-9137: Missing Authentication Vulnerability in Ethernet Switches\u003c/a\u003e\u003cbr\u003e\u003c/li\u003e\u003c/ul\u003e"
}
],
"value": "Please refer to the security advisories:\n * Missing Authentication and OS Command Injection Vulnerabilities in Cellular Routers, Secure Routers, and Network Security Appliances https://www.moxa.com/en/support/product-support/security-advisory/mpsa-241154-missing-authentication-and-os-command-injection-vulnerabilities-in-routers-and-network-security-appliances \n\n * CVE-2024-9137: Missing Authentication Vulnerability in Ethernet Switches https://www.moxa.com/en/support/product-support/security-advisory/mpsa-241156-cve-2024-9137-missing-authentication-vulnerability-in-ethernet-switches"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Moxa Service Missing Authentication for Critical Function",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eTo mitigate the risks associated with this vulnerability, we recommend the following actions:\u003c/p\u003e\u003cul\u003e\u003cli\u003eDisable Moxa Service and Moxa Service (Encrypted) temporarily if they are not required for operations. This will minimize potential attack vectors until a patch or updated firmware is applied.\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eRefer to the \u003cem\u003eGeneral Security Best Practices\u003c/em\u003e\u0026nbsp;section to further strengthen your security posture.\u003c/p\u003e"
}
],
"value": "To mitigate the risks associated with this vulnerability, we recommend the following actions:\n\n * Disable Moxa Service and Moxa Service (Encrypted) temporarily if they are not required for operations. This will minimize potential attack vectors until a patch or updated firmware is applied.\n\n\nRefer to the General Security Best Practices\u00a0section to further strengthen your security posture."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "2e0a0ee2-d866-482a-9f5e-ac03d156dbaa",
"assignerShortName": "Moxa",
"cveId": "CVE-2024-9137",
"datePublished": "2024-10-14T08:09:22.689Z",
"dateReserved": "2024-09-24T07:11:35.456Z",
"dateUpdated": "2025-09-19T08:08:52.357Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}