CVE-2023-4227

A vulnerability has been identified in the ioLogik 4000 Series (ioLogik E4200) firmware versions v1.6 and prior, which can be exploited by malicious actors to potentially gain unauthorized access to the product. This could lead to security breaches, data theft, and unauthorized manipulation of sensitive information. The vulnerability is attributed to the presence of an unauthorized service, which could potentially enable unauthorized access to the. device.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:h:moxa:iologik_e4200:-:*:*:*:*:*:*:*
cpe:2.3:o:moxa:iologik_e4200_firmware:*:*:*:*:*:*:*:*

History

28 Oct 2024, 06:15

Type Values Removed Values Added
CWE CWE-284 CWE-489
Summary (en) A vulnerability has been identified in the ioLogik 4000 Series (ioLogik E4200) firmware versions v1.6 and prior, which can be exploited by malicious actors to potentially gain unauthorized access to the product. This could lead to security breaches, data theft, and unauthorized manipulation of sensitive information. The vulnerability is attributed to the presence of an unauthorized service, which could potentially enable unauthorized access to the. device. (en) A vulnerability has been identified in the ioLogik 4000 Series (ioLogik E4200) firmware versions v1.6 and prior, which can be exploited by malicious actors to potentially gain unauthorized access to the product. This could lead to security breaches, data theft, and unauthorized manipulation of sensitive information. The vulnerability is attributed to the presence of an unauthorized service, which could potentially enable unauthorized access to the. device.

29 Aug 2023, 23:39

Type Values Removed Values Added
References (MISC) https://www.moxa.com/en/support/product-support/security-advisory/mpsa-230310-iologik-4000-series-multiple-web-server-vulnerabilities-and-improper-access-control-vulnerability - (MISC) https://www.moxa.com/en/support/product-support/security-advisory/mpsa-230310-iologik-4000-series-multiple-web-server-vulnerabilities-and-improper-access-control-vulnerability - Vendor Advisory
CPE cpe:2.3:o:moxa:iologik_e4200_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:moxa:iologik_e4200:-:*:*:*:*:*:*:*
First Time Moxa
Moxa iologik E4200
Moxa iologik E4200 Firmware
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 6.5
CWE CWE-863

24 Aug 2023, 06:15

Type Values Removed Values Added
New CVE

Information

Published : 2023-08-24 06:15

Updated : 2024-10-28 06:15


NVD link : CVE-2023-4227

Mitre link : CVE-2023-4227

CVE.ORG link : CVE-2023-4227


JSON object : View

Products Affected

moxa

  • iologik_e4200
  • iologik_e4200_firmware
CWE
CWE-863

Incorrect Authorization

CWE-489

Active Debug Code