CVE-2020-27185

7.5HIGH

Key Information

Vendor
Moxa
Status
Nport Ia5000a Series With Moxa Service Enabled
Vendor
CVE Published:
14 May 2021

Summary

Cleartext transmission of sensitive information via Moxa Service in NPort IA5000A series serial devices. Successfully exploiting the vulnerability could enable attackers to read authentication data, device configuration, and other sensitive data transmitted over Moxa Service.

Affected Version(s)

NPort IA5000A Series with Moxa Service enabled = All versions

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published.

  • Vulnerability Reserved.

Collectors

NVD DatabaseMitre Database
.