CVE-2020-27185
7.5HIGH
Key Information
- Vendor
- Moxa
- Status
- Nport Ia5000a Series With Moxa Service Enabled
- Vendor
- CVE Published:
- 14 May 2021
Summary
Cleartext transmission of sensitive information via Moxa Service in NPort IA5000A series serial devices. Successfully exploiting the vulnerability could enable attackers to read authentication data, device configuration, and other sensitive data transmitted over Moxa Service.
Affected Version(s)
NPort IA5000A Series with Moxa Service enabled = All versions
CVSS V3.1
Score:
7.5
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published.
Vulnerability Reserved.
Collectors
NVD DatabaseMitre Database