Moxa IKS and EDS fails to properly check array bounds which may allow an attacker to read device memory on arbitrary addresses, and may allow an attacker to retrieve sensitive data or cause device reboot.
References
Link | Resource |
---|---|
http://www.securityfocus.com/bid/107178 | Third Party Advisory VDB Entry |
https://ics-cert.us-cert.gov/advisories/ICSA-19-057-01 | Third Party Advisory US Government Resource |
http://www.securityfocus.com/bid/107178 | Third Party Advisory VDB Entry |
https://ics-cert.us-cert.gov/advisories/ICSA-19-057-01 | Third Party Advisory US Government Resource |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
History
21 Nov 2024, 04:46
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.securityfocus.com/bid/107178 - Third Party Advisory, VDB Entry | |
References | () https://ics-cert.us-cert.gov/advisories/ICSA-19-057-01 - Third Party Advisory, US Government Resource |
Information
Published : 2019-03-05 20:29
Updated : 2024-11-21 04:46
NVD link : CVE-2019-6522
Mitre link : CVE-2019-6522
CVE.ORG link : CVE-2019-6522
JSON object : View
Products Affected
moxa
- eds-408a_firmware
- eds-405a
- iks-g6824a
- eds-405a_firmware
- eds-510a
- eds-408a
- iks-g6824a_firmware
- eds-510a_firmware
CWE
CWE-125
Out-of-bounds Read