CVE-2019-9095

6.2MEDIUM

Key Information:

Vendor: Moxa
Status: Mb3170 Firmware
Vendor: CVE Published:; 11 March 2020

Summary

An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 devices before 3.1, MB3660 devices before 2.3, and MB3180 devices before 2.1. An attacker may be able to intercept weakly encrypted passwords and gain administrative access.

References

https://www.us-cert.gov/ics/advisories/icsa-20-056-01

x_refsource_MISC

https://www.moxa.com/en/support/support/security-advisory...

x_refsource_CONFIRM

CVSS V3.1

Score:

6.2

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Mar 11, 2020
Vulnerability Reserved
Feb 24, 2019