CVE-2019-6522

critical

Description

Moxa IKS and EDS fails to properly check array bounds which may allow an attacker to read device memory on arbitrary addresses, and may allow an attacker to retrieve sensitive data or cause device reboot.

References

https://ics-cert.us-cert.gov/advisories/ICSA-19-057-01

http://www.securityfocus.com/bid/107178

Details

Source: Mitre, NVD

Published: 2019-03-05

Updated: 2024-11-21

Risk Information

CVSS v2

Base Score: 8.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:C

Severity: High

CVSS v3

Base Score: 9.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

Severity: Critical