CRITICAL🇵🇱 Wersja polska

CVE-2019-6557

CVSS 9.8v3.1pub. 2019-03-05upd. 2024-11-21

Several buffer overflow vulnerabilities have been identified in Moxa IKS and EDS, which may allow remote code execution.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Moxa Eds 405a

    HW
    Moxa
    wszystkie wersje
  • Moxa Eds 405a Firmware

    OS
    Moxa
    ≤ 3.8
  • Moxa Eds 408a

    HW
    Moxa
    wszystkie wersje
  • Moxa Eds 408a Firmware

    OS
    Moxa
    ≤ 3.8
  • Moxa Eds 510a

    HW
    Moxa
    wszystkie wersje
  • Moxa Eds 510a Firmware

    OS
    Moxa
    ≤ 3.8
  • Moxa Iks G6824a

    HW
    Moxa
    wszystkie wersje
  • Moxa Iks G6824a Firmware

    OS
    Moxa
    ≤ 4.5
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCEMemory
CWE
References

Related vulnerabilities

CVE-2019-6526CRITICAL9.8ten sam produkt

Moxa IKS-G6824A series Versions 4.5 and prior, EDS-405A series Version 3.8 and prior, EDS-408A series Version ...

CVE-2019-6522CRITICAL9.1ten sam produkt

Moxa IKS and EDS fails to properly check array bounds which may allow an attacker to read device memory on arb...

CVE-2019-6524CRITICAL9.8ten sam produkt

Moxa IKS and EDS do not implement sufficient measures to prevent multiple failed authentication attempts, whic...

CVE-2019-6563CRITICAL9.8ten sam produkt

Moxa IKS and EDS generate a predictable cookie calculated with an MD5 hash, allowing an attacker to capture th...

CVE-2019-6520HIGH7.5ten sam produkt

Moxa IKS and EDS does not properly check authority on server side, which results in a read-only user being abl...