Lucene search
IcscertCVELIST:CVE-2020-25196HistoryDec 23, 2020 - 2:08 p.m.
CVE-2020-25196 MOXA NPort IAW5000A-I/O Series
2020-12-2314:08:41
CWE-307
icscert
www.cve.org
3
cve-2020-25196
moxa
nport iaw5000a-i/o
firmware
vulnerability
ssh
telnet
authentication
bypass
brute force
web server
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.5
Confidence
High
EPSS
0.003
Percentile
69.5%
The built-in WEB server for MOXA NPort IAW5000A-I/O firmware version 2.1 or lower allows SSH/Telnet sessions, which may be vulnerable to brute force attacks to bypass authentication.
CNA Affected
[
{
"product": "NPort IAW5000A-I/O",
"vendor": "MOXA",
"versions": [
{
"lessThanOrEqual": "Version 2.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
]Related
nessus
nessus
prion
prion
Authentication flaw
2020-12-23 15:15:00
nvd
nvd
CVE-2020-25196
2020-12-23 15:15:15
cve
cve
CVE-2020-25196
2020-12-23 15:15:15
ics
ics
MOXA NPort IAW5000A-I/O Series
2020-10-13 12:00:00
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.5
Confidence
High
EPSS
0.003
Percentile
69.5%
Related for CVELIST:CVE-2020-25196