CVE-2019-6522
CRITICALMoxa Iks-g6824a Firmware < 4.5 - Out-of-Bounds Read
Title source: ruleDescription
Moxa IKS and EDS fails to properly check array bounds which may allow an attacker to read device memory on arbitrary addresses, and may allow an attacker to retrieve sensitive data or cause device reboot.
References (2)
Core 2
Core References
Third Party Advisory, US Government Resource x_refsource_misc
https://ics-cert.us-cert.gov/advisories/ICSA-19-057-01
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/107178
Scores
CVSS v3
9.1
EPSS
0.0030
EPSS Percentile
53.6%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Details
CWE
CWE-125
Status
published
Products (4)
moxa/eds-405a_firmware
< 3.8
moxa/eds-408a_firmware
< 3.8
moxa/eds-510a_firmware
< 3.8
moxa/iks-g6824a_firmware
< 4.5
Published
Mar 05, 2019
Tracked Since
Feb 18, 2026