Weak Password Vulnerability in Moxa EDS-G516E Series Firmware
CVE-2020-6991

9.8CRITICAL

Key Information:

Vendor: Moxa
Status: Moxa Eds-g516e Series Firmware, Version 5.2 Or Lower
Vendor: CVE Published:; 24 March 2020

Summary

The Moxa EDS-G516E Series firmware versions 5.2 and lower have been identified to possess weak password requirements. This vulnerability can be exploited by attackers using brute force methods to gain unauthorized access to the system. It is critical for users to update their firmware to a more secure version and to implement stringent password policies to mitigate potential threats.

Affected Version(s)

Moxa EDS-G516E Series firmware, Version 5.2 or lower Moxa EDS-G516E Series firmware, Version 5.2 or lower

References

https://www.us-cert.gov/ics/advisories/icsa-20-056-04

x_refsource_MISC

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Mar 24, 2020
Vulnerability Reserved
Jan 14, 2020