Design/Logic Flaw

2019-03-0520:29:00

PRIOn knowledge base

www.prio-n.com

9.1 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

57.2%

JSON

Moxa IKS and EDS fails to properly check array bounds which may allow an attacker to read device memory on arbitrary addresses, and may allow an attacker to retrieve sensitive data or cause device reboot.

CPENameOperatorVersion
eds-405a_firmwarele3.8
eds-408a_firmwarele3.8
eds-510a_firmwarele3.8
iks-g6824a_firmwarele4.5

Name	Operator	Version
eds-405a_firmware	le	3.8
eds-408a_firmware	le	3.8
eds-510a_firmware	le	3.8
iks-g6824a_firmware	le	4.5

References

www.securityfocus.com/bid/107178

ics-cert.us-cert.gov/advisories/ICSA-19-057-01