CVE-2020-6995

9.8CRITICAL

Key Information:

Vendor: Moxa
Status: Moxa Pt-7528 Series Firmware, Version 4.0 Or Lower, Pt-7828 Series Firmware, Version 3.9 Or Lower
Vendor: CVE Published:; 24 March 2020

Summary

In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 series firmware, Version 3.9 or lower, the application utilizes weak password requirements, which may allow an attacker to gain unauthorized access.

Affected Version(s)

Moxa PT-7528 series firmware, Version 4.0 or lower, PT-7828 series firmware, Version 3.9 or lower Moxa PT-7528 series firmware, Version 4.0 or lower, PT-7828 series firmware, Version 3.9 or lower

References

https://www.us-cert.gov/ics/advisories/icsa-20-056-03

x_refsource_MISC

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Mar 24, 2020
Vulnerability Reserved
Jan 14, 2020