Moxa IKS and EDS fails to properly check array bounds which may allow an attacker to read device memory on arbitrary addresses, and may allow an attacker to retrieve sensitive data or cause device reboot.
References
Link | Resource |
---|---|
http://www.securityfocus.com/bid/107178 | Third Party Advisory VDB Entry |
https://ics-cert.us-cert.gov/advisories/ICSA-19-057-01 | US Government Resource Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
History
No history.
Information
Published : 2019-03-05 20:29
Updated : 2024-02-28 17:08
NVD link : CVE-2019-6522
Mitre link : CVE-2019-6522
CVE.ORG link : CVE-2019-6522
JSON object : View
Products Affected
moxa
- iks-g6824a_firmware
- eds-405a_firmware
- eds-408a_firmware
- eds-408a
- eds-510a
- eds-405a
- eds-510a_firmware
- iks-g6824a
CWE
CWE-125
Out-of-bounds Read