Buffer Overflow Vulnerability in Moxa EDS-G516E Series Firmware
CVE-2020-6999

6.5MEDIUM

Key Information:

Vendor: Moxa
Status: Moxa Eds-g516e Series Firmware, Version 5.2 Or Lower
Vendor: CVE Published:; 26 March 2020

What is CVE-2020-6999?

The vulnerability in the Moxa EDS-G516E Series firmware arises from improper validation of parameters in the setting pages, which can lead to a buffer overflow condition. This occurs in firmware versions 5.2 and lower, where text input does not fit the allocated buffer size, potentially allowing an attacker to exploit this weakness for unauthorized access or control. Immediate mitigation measures and updates are recommended to protect against potential exploits.

Affected Version(s)

Moxa EDS-G516E Series firmware, Version 5.2 or lower Moxa EDS-G516E Series firmware, Version 5.2 or lower

References

https://www.us-cert.gov/ics/advisories/icsa-20-056-04

x_refsource_MISC

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 26, 2020
Vulnerability Reserved
Jan 14, 2020