Weak Cryptographic Algorithm in Moxa PT-7528 and PT-7828 Series Firmware
CVE-2020-6987

7.5HIGH

Key Information:

Vendor: Moxa
Status: Moxa Pt-7528 Series Firmware, Version 4.0 Or Lower, Pt-7828 Series Firmware, Version 3.9 Or Lower
Vendor: CVE Published:; 24 March 2020

Summary

The Moxa PT-7528 and PT-7828 series firmware suffers from a vulnerability due to the implementation of a weak cryptographic algorithm. This weakness may expose sensitive information, posing a risk to data confidentiality and integrity. Affected versions include PT-7528 firmware version 4.0 and lower, as well as PT-7828 firmware version 3.9 and lower. Users are advised to upgrade to the latest firmware to mitigate this issue.

Affected Version(s)

Moxa PT-7528 series firmware, Version 4.0 or lower, PT-7828 series firmware, Version 3.9 or lower Moxa PT-7528 series firmware, Version 4.0 or lower, PT-7828 series firmware, Version 3.9 or lower

References

https://www.us-cert.gov/ics/advisories/icsa-20-056-03

x_refsource_MISC

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Mar 24, 2020
Vulnerability Reserved
Jan 14, 2020