Cleartext Transmission Vulnerability in Moxa SDS-3008 Series Industrial Ethernet Switch
CVE-2022-40693

5.9MEDIUM

Key Information:

Vendor: Moxa
Status: Sds-3008 Series Industrial Ethernet Switch
Vendor: CVE Published:; 7 February 2023

What is CVE-2022-40693?

A vulnerability exists in the web application functionality of the Moxa SDS-3008 Series Industrial Ethernet Switch, allowing for cleartext transmission of sensitive information. Attackers can exploit this vulnerability through specialized network sniffing techniques, which could result in unauthorized access to private data as it travels across the network. It is crucial for users to review security practices and ensure that sensitive information is adequately protected against potential exposure.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

SDS-3008 Series Industrial Ethernet Switch 2.1

References

https://talosintelligence.com/vulnerability_reports/TALOS...

https://www.moxa.com/en/support/product-support/security-...

CVSS V3.1

Score:

5.9

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 7, 2023
Vulnerability Reserved
Sep 20, 2022

JSON

Moxa

What is CVE-2022-40693?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.