Lucene search
SAINT CorporationSAINT:4F496D8778DB5E5CC830DD73BEF93596HistoryFeb 27, 2020 - 12:00 a.m.
Moxa AWK-3131A iw_console privilege escalation vulnerability
2020-02-2700:00:00
SAINT Corporation
download.saintcorporation.com
70
EPSS
0.001
Percentile
44.1%
Added: 02/27/2020
CVE: CVE-2019-5136
Background
Moxa AWK-3131A is a 3-in-1 industrial wireless AP/bridge/client device.
Problem
A privilege escalation vulnerability exists in the iw_console functionality where a specially crafted menu selection string can cause an escape from the restricted console, resulting in system access as the root user.
Resolution
Contact Moxa Technical Support to get the security patch.
References
Limitations
This exploit will only work if the default admin password hasn’t been changed.
Platforms
Moxa
Related
nvd
nvd
CVE-2019-5136
2020-02-25 16:15:10
prion
prion
Privilege escalation
2020-02-25 16:15:00
nessus
nessus
cvelist
cvelist
CVE-2019-5136
2020-02-25 15:36:41
saint
saint
Moxa AWK-3131A iw_console privilege escalation vulnerability
2020-02-27 00:00:00
Moxa AWK-3131A iw_console privilege escalation vulnerability
2020-02-27 00:00:00
talos
talos
Moxa AWK-3131A iw_console Privilege Escalation Vulnerability
2020-02-24 00:00:00
cve
cve
CVE-2019-5136
2020-02-25 16:15:10
talosblog
talosblog
Vulnerability Spotlight: Multiple vulnerabilities in Moxa AWK-3131A
2020-02-24 07:04:47
ics
ics
Moxa AWK-3131A Series Industrial AP/Bridge/Client
2020-03-03 12:00:00