Description

NPort IAW5000A-I/O Series firmware version v2.2 and prior is affected by a hardcoded credential vulnerabilitywhich poses a potential risk to the security and integrity of the affected device. This vulnerability is attributed to the presence of a hardcoded key, which could potentially facilitate firmware manipulation.

Related CPE's

o

moxa

nport_iaw5000a-i\/o_firmware

Vulnerable

h

moxa

nport_iaw5000a-i\/o

-

References

https://www.moxa.com/en/support/product-support/security-advisory/mpsa-230304-nport-iaw5000a-i-o-series-hardcoded-credential-vulnerability

Vendor Advisory

https://www.moxa.com/en/support/product-support/security-advisory/mpsa-230304-nport-iaw5000a-i-o-series-hardcoded-credential-vulnerability

Vendor Advisory

Weaknesses

[email protected]

Secondary
CWE-798

[email protected]

Primary
CWE-798

CVSS impact metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

5.4 · Medium

Information

Source identifier

[email protected]

Vulnerability status

Modified

Published

2023-08-16T14:15:11.573Z

2 years ago

Last modified

2024-11-21T07:34:37.197Z

1 year ago