Information Disclosure Vulnerability in Moxa EDR 810 Device
CVE-2019-10963

4.3MEDIUM

Key Information:

Vendor: Moxa
Status: Moxa Edr 810
Vendor: CVE Published:; 8 October 2019

Summary

The Moxa EDR 810 device, specifically in versions 5.1 and earlier, contains a vulnerability that permits an unauthenticated user to retrieve exported log files from the device. This security flaw can lead to the disclosure of sensitive information, as these log files may contain information that is critical to the device's operation and could potentially be exploited by malicious actors. It is important for users of affected versions to implement immediate security measures to mitigate this risk.

Affected Version(s)

Moxa EDR 810 All versions 5.1 and prior

References

https://www.us-cert.gov/ics/advisories/icsa-19-274-03

x_refsource_MISC

http://packetstormsecurity.com/files/154943/Moxa-EDR-810-...

x_refsource_MISC

CVSS V3.1

Score:

4.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Oct 8, 2019
Vulnerability Reserved
Apr 8, 2019