Cleartext Transmission Vulnerability in Moxa EDS-G516E Series Firmware
CVE-2020-6997

7.5HIGH

Key Information:

Vendor: Moxa
Status: Moxa Eds-g516e Series Firmware, Version 5.2 Or Lower
Vendor: CVE Published:; 24 March 2020

What is CVE-2020-6997?

The Moxa EDS-G516E Series firmware versions 5.2 and lower are susceptible to a vulnerability that allows sensitive information to be transmitted in cleartext over certain web applications. This exposure can lead to unauthorized access to confidential data, making it crucial for users to upgrade their firmware to the latest version and implement secure communication protocols to protect their information.

Affected Version(s)

Moxa EDS-G516E Series firmware, Version 5.2 or lower Moxa EDS-G516E Series firmware, Version 5.2 or lower

References

https://www.us-cert.gov/ics/advisories/icsa-20-056-04

x_refsource_MISC

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 24, 2020
Vulnerability Reserved
Jan 14, 2020