Lucene search

[email protected]NVD:CVE-2020-6989

HistoryMar 24, 2020 - 7:15 p.m.

CVE-2020-6989

2020-03-2419:15:21

CWE-121

CWE-787

[email protected]

web.nvd.nist.gov

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

Confidence

High

EPSS

0.013

Percentile

85.8%

JSON

In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 series firmware, Version 3.9 or lower, a buffer overflow in the web server allows remote attackers to cause a denial-of-service condition or execute arbitrary code.

Affected configurations

Nvd

Node

moxapt-7528-24tx-hv_firmwareRange≤4.0

AND

moxapt-7528-24tx-hvMatch-

Node

moxapt-7528-24tx-hv-hv_firmwareRange≤4.0

AND

moxapt-7528-24tx-hv-hvMatch-

Node

moxapt-7528-24tx-wv_firmwareRange≤4.0

AND

moxapt-7528-24tx-wvMatch-

Node

moxapt-7528-24tx-wv-hv_firmwareRange≤4.0

AND

moxapt-7528-24tx-wv-hvMatch-

Node

moxapt-7528-24tx-wv-wv_firmwareRange≤4.0

AND

moxapt-7528-24tx-wv-wvMatch-

Node

moxapt-7528-12msc-12tx-4gsfp-hv_firmwareRange≤4.0

AND

moxapt-7528-12msc-12tx-4gsfp-hvMatch-

Node

moxapt-7528-12msc-12tx-4gsfp-hv-hv_firmwareRange≤4.0

AND

moxapt-7528-12msc-12tx-4gsfp-hv-hvMatch-

Node

moxapt-7528-12msc-12tx-4gsfp-wv_firmwareRange≤4.0

AND

moxapt-7528-12msc-12tx-4gsfp-wvMatch-

Node

moxapt-7528-12msc-12tx-4gsfp-wv-wv_firmwareRange≤4.0

AND

moxapt-7528-12msc-12tx-4gsfp-wv-wvMatch-

Node

moxapt-7528-12mst-12tx-4gsfp-hv_firmwareRange≤4.0

AND

moxapt-7528-12mst-12tx-4gsfp-hvMatch-

Node

moxapt-7528-12mst-12tx-4gsfp-hv-hv_firmwareRange≤4.0

AND

moxapt-7528-12mst-12tx-4gsfp-hv-hvMatch-

Node

moxapt-7528-12mst-12tx-4gsfp-wv_firmwareRange≤4.0

AND

moxapt-7528-12mst-12tx-4gsfp-wvMatch-

Node

moxapt-7528-12mst-12tx-4gsfp-wv-wv_firmwareRange≤4.0

AND

moxapt-7528-12mst-12tx-4gsfp-wv-wvMatch-

Node

moxapt-7528-16msc-8tx-4gsfp-hv_firmwareRange≤4.0

AND

moxapt-7528-16msc-8tx-4gsfp-hvMatch-

Node

moxapt-7528-16msc-8tx-4gsfp-hv-hv_firmwareRange≤4.0

AND

moxapt-7528-16msc-8tx-4gsfp-hv-hvMatch-

Node

moxapt-7528-16msc-8tx-4gsfp-wv_firmwareRange≤4.0

AND

moxapt-7528-16msc-8tx-4gsfp-wvMatch-

Node

moxapt-7528-16msc-8tx-4gsfp-wv-wv_firmwareRange≤4.0

AND

moxapt-7528-16msc-8tx-4gsfp-wv-wvMatch-

Node

moxapt-7528-16mst-8tx-4gsfp-hv_firmwareRange≤4.0

AND

moxapt-7528-16mst-8tx-4gsfp-hvMatch-

Node

moxapt-7528-16mst-8tx-4gsfp-hv-hv_firmwareRange≤4.0

AND

moxapt-7528-16mst-8tx-4gsfp-hv-hvMatch-

Node

moxapt-7528-16mst-8tx-4gsfp-wv_firmwareRange≤4.0

AND

moxapt-7528-16mst-8tx-4gsfp-wvMatch-

Node

moxapt-7528-16mst-8tx-4gsfp-wv-wv_firmwareRange≤4.0

AND

moxapt-7528-16mst-8tx-4gsfp-wv-wvMatch-

Node

moxapt-7528-20msc-4tx-4gsfp-hv_firmwareRange≤4.0

AND

moxapt-7528-20msc-4tx-4gsfp-hvMatch-

Node

moxapt-7528-20msc-4tx-4gsfp-hv-hv_firmwareRange≤4.0

AND

moxapt-7528-20msc-4tx-4gsfp-hv-hvMatch-

Node

moxapt-7528-20msc-4tx-4gsfp-wv_firmwareRange≤4.0

AND

moxapt-7528-20msc-4tx-4gsfp-wvMatch-

Node

moxapt-7528-20msc-4tx-4gsfp-wv-wv_firmwareRange≤4.0

AND

moxapt-7528-20msc-4tx-4gsfp-wv-wvMatch-

Node

moxapt-7528-20mst-4tx-4gsfp-hv_firmwareRange≤4.0

AND

moxapt-7528-20mst-4tx-4gsfp-hvMatch-

Node

moxapt-7528-20mst-4tx-4gsfp-hv-hv_firmwareRange≤4.0

AND

moxapt-7528-20mst-4tx-4gsfp-hv-hvMatch-

Node

moxapt-7528-20mst-4tx-4gsfp-wv_firmwareRange≤4.0

AND

moxapt-7528-20mst-4tx-4gsfp-wvMatch-

Node

moxapt-7528-20mst-4tx-4gsfp-wv-wv_firmwareRange≤4.0

AND

moxapt-7528-20mst-4tx-4gsfp-wv-wvMatch-

Node

moxapt-7528-8msc-16tx-4gsfp-hv_firmwareRange≤4.0

AND

moxapt-7528-8msc-16tx-4gsfp-hvMatch-

Node

moxapt-7528-8msc-16tx-4gsfp-hv-hv_firmwareRange≤4.0

AND

moxapt-7528-8msc-16tx-4gsfp-hv-hvMatch-

Node

moxapt-7528-8msc-16tx-4gsfp-wv_firmwareRange≤4.0

AND

moxapt-7528-8msc-16tx-4gsfp-wvMatch-

Node

moxapt-7528-8msc-16tx-4gsfp-wv-wv_firmwareRange≤4.0

AND

moxapt-7528-8msc-16tx-4gsfp-wv-wvMatch-

Node

moxapt-7528-8mst-16tx-4gsfp-hv_firmwareRange≤4.0

AND

moxapt-7528-8mst-16tx-4gsfp-hvMatch-

Node

moxapt-7528-8mst-16tx-4gsfp-hv-hv_firmwareRange≤4.0

AND

moxapt-7528-8mst-16tx-4gsfp-hv-hvMatch-

Node

moxapt-7528-8mst-16tx-4gsfp-wv_firmwareRange≤4.0

AND

moxapt-7528-8mst-16tx-4gsfp-wvMatch-

Node

moxapt-7528-8mst-16tx-4gsfp-wv-wv_firmwareRange≤4.0

AND

moxapt-7528-8mst-16tx-4gsfp-wv-wvMatch-

Node

moxapt-7528-8ssc-16tx-4gsfp-hv-hv_firmwareRange≤4.0

AND

moxapt-7528-8ssc-16tx-4gsfp-hv-hvMatch-

Node

moxapt-7528-8ssc-16tx-4gsfp-wv-wv_firmwareRange≤4.0

AND

moxapt-7528-8ssc-16tx-4gsfp-wv-wvMatch-

Node

moxapt-7828-f-24_firmwareRange≤3.9

AND

moxapt-7828-f-24Match-

Node

moxapt-7828-f-24-24_firmwareRange≤3.9

AND

moxapt-7828-f-24-24Match-

Node

moxapt-7828-f-24-hv_firmwareRange≤3.9

AND

moxapt-7828-f-24-hvMatch-

Node

moxapt-7828-f-48_firmwareRange≤3.9

AND

moxapt-7828-f-48Match-

Node

moxapt-7828-f-48-48_firmwareRange≤3.9

AND

moxapt-7828-f-48-48Match-

Node

moxapt-7828-f-48-hv_firmwareRange≤3.9

AND

moxapt-7828-f-48-hvMatch-

Node

moxapt-7828-f-hv_firmwareRange≤3.9

AND

moxapt-7828-f-hvMatch-

Node

moxapt-7828-f-hv-hv_firmwareRange≤3.9

AND

moxapt-7828-f-hv-hvMatch-

Node

moxapt-7828-r-24_firmwareRange≤3.9

AND

moxapt-7828-r-24Match-

Node

moxapt-7828-r-24-24_firmwareRange≤3.9

AND

moxapt-7828-r-24-24Match-

Node

moxapt-7828-r-24-hv_firmwareRange≤3.9

AND

moxapt-7828-r-24-hvMatch-

Node

moxapt-7828-r-48_firmwareRange≤3.9

AND

moxapt-7828-r-48Match-

Node

moxapt-7828-r-48-48_firmwareRange≤3.9

AND

moxapt-7828-r-48-48Match-

Node

moxapt-7828-r-48-hv_firmwareRange≤3.9

AND

moxapt-7828-r-48-hvMatch-

Node

moxapt-7828-r-hv_firmwareRange≤3.9

AND

moxapt-7828-r-hvMatch-

Node

moxapt-7828-r-hv-hv_firmwareRange≤3.9

AND

moxapt-7828-r-hv-hvMatch-

VendorProductVersionCPE
moxapt-7528-24tx-hv_firmware*cpe:2.3:o:moxa:pt-7528-24tx-hv_firmware:*:*:*:*:*:*:*:*
moxapt-7528-24tx-hv-cpe:2.3:h:moxa:pt-7528-24tx-hv:-:*:*:*:*:*:*:*
moxapt-7528-24tx-hv-hv_firmware*cpe:2.3:o:moxa:pt-7528-24tx-hv-hv_firmware:*:*:*:*:*:*:*:*
moxapt-7528-24tx-hv-hv-cpe:2.3:h:moxa:pt-7528-24tx-hv-hv:-:*:*:*:*:*:*:*
moxapt-7528-24tx-wv_firmware*cpe:2.3:o:moxa:pt-7528-24tx-wv_firmware:*:*:*:*:*:*:*:*
moxapt-7528-24tx-wv-cpe:2.3:h:moxa:pt-7528-24tx-wv:-:*:*:*:*:*:*:*
moxapt-7528-24tx-wv-hv_firmware*cpe:2.3:o:moxa:pt-7528-24tx-wv-hv_firmware:*:*:*:*:*:*:*:*
moxapt-7528-24tx-wv-hv-cpe:2.3:h:moxa:pt-7528-24tx-wv-hv:-:*:*:*:*:*:*:*
moxapt-7528-24tx-wv-wv_firmware*cpe:2.3:o:moxa:pt-7528-24tx-wv-wv_firmware:*:*:*:*:*:*:*:*
moxapt-7528-24tx-wv-wv-cpe:2.3:h:moxa:pt-7528-24tx-wv-wv:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
moxa	pt-7528-24tx-hv_firmware	*	cpe:2.3:o:moxa:pt-7528-24tx-hv_firmware::::::::
moxa	pt-7528-24tx-hv	-	cpe:2.3:h:moxa:pt-7528-24tx-hv:-:::::::*
moxa	pt-7528-24tx-hv-hv_firmware	*	cpe:2.3:o:moxa:pt-7528-24tx-hv-hv_firmware::::::::
moxa	pt-7528-24tx-hv-hv	-	cpe:2.3:h:moxa:pt-7528-24tx-hv-hv:-:::::::*
moxa	pt-7528-24tx-wv_firmware	*	cpe:2.3:o:moxa:pt-7528-24tx-wv_firmware::::::::
moxa	pt-7528-24tx-wv	-	cpe:2.3:h:moxa:pt-7528-24tx-wv:-:::::::*
moxa	pt-7528-24tx-wv-hv_firmware	*	cpe:2.3:o:moxa:pt-7528-24tx-wv-hv_firmware::::::::
moxa	pt-7528-24tx-wv-hv	-	cpe:2.3:h:moxa:pt-7528-24tx-wv-hv:-:::::::*
moxa	pt-7528-24tx-wv-wv_firmware	*	cpe:2.3:o:moxa:pt-7528-24tx-wv-wv_firmware::::::::
moxa	pt-7528-24tx-wv-wv	-	cpe:2.3:h:moxa:pt-7528-24tx-wv-wv:-:::::::*

Rows per page:

1-10 of 1101

References

www.us-cert.gov/ics/advisories/icsa-20-056-03

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

Confidence

High

EPSS

0.013

Percentile

85.8%

JSON

Related for NVD:CVE-2020-6989

prion1 cvelist1 nessus1 cve1 ics1