TROYANOSYVIRUS
Back to CVEs

CVE-2020-6985

CRITICAL
9.8

Description

In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 series firmware, Version 3.9 or lower, these devices use a hard-coded service code for access to the console.

CVE Details

CVSS v3.1 Score9.8
SeverityCRITICAL
CVSS VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack VectorNETWORK
ComplexityLOW
Privileges RequiredNONE
User InteractionNONE
Published3/24/2020
Last Modified11/21/2024
Sourcenvd
Honeypot Sightings0

Affected Products

moxa:pt-7528-12msc-12tx-4gsfp-hvmoxa:pt-7528-12msc-12tx-4gsfp-hv-hvmoxa:pt-7528-12msc-12tx-4gsfp-hv-hv_firmwaremoxa:pt-7528-12msc-12tx-4gsfp-hv_firmwaremoxa:pt-7528-12msc-12tx-4gsfp-wvmoxa:pt-7528-12msc-12tx-4gsfp-wv-wvmoxa:pt-7528-12msc-12tx-4gsfp-wv-wv_firmwaremoxa:pt-7528-12msc-12tx-4gsfp-wv_firmwaremoxa:pt-7528-12mst-12tx-4gsfp-hvmoxa:pt-7528-12mst-12tx-4gsfp-hv-hvmoxa:pt-7528-12mst-12tx-4gsfp-hv-hv_firmwaremoxa:pt-7528-12mst-12tx-4gsfp-hv_firmwaremoxa:pt-7528-12mst-12tx-4gsfp-wvmoxa:pt-7528-12mst-12tx-4gsfp-wv-wvmoxa:pt-7528-12mst-12tx-4gsfp-wv-wv_firmwaremoxa:pt-7528-12mst-12tx-4gsfp-wv_firmwaremoxa:pt-7528-16msc-8tx-4gsfp-hvmoxa:pt-7528-16msc-8tx-4gsfp-hv-hvmoxa:pt-7528-16msc-8tx-4gsfp-hv-hv_firmwaremoxa:pt-7528-16msc-8tx-4gsfp-hv_firmwaremoxa:pt-7528-16msc-8tx-4gsfp-wvmoxa:pt-7528-16msc-8tx-4gsfp-wv-wvmoxa:pt-7528-16msc-8tx-4gsfp-wv-wv_firmwaremoxa:pt-7528-16msc-8tx-4gsfp-wv_firmwaremoxa:pt-7528-16mst-8tx-4gsfp-hvmoxa:pt-7528-16mst-8tx-4gsfp-hv-hvmoxa:pt-7528-16mst-8tx-4gsfp-hv-hv_firmwaremoxa:pt-7528-16mst-8tx-4gsfp-hv_firmwaremoxa:pt-7528-16mst-8tx-4gsfp-wvmoxa:pt-7528-16mst-8tx-4gsfp-wv-wvmoxa:pt-7528-16mst-8tx-4gsfp-wv-wv_firmwaremoxa:pt-7528-16mst-8tx-4gsfp-wv_firmwaremoxa:pt-7528-20msc-4tx-4gsfp-hvmoxa:pt-7528-20msc-4tx-4gsfp-hv-hvmoxa:pt-7528-20msc-4tx-4gsfp-hv-hv_firmwaremoxa:pt-7528-20msc-4tx-4gsfp-hv_firmwaremoxa:pt-7528-20msc-4tx-4gsfp-wvmoxa:pt-7528-20msc-4tx-4gsfp-wv-wvmoxa:pt-7528-20msc-4tx-4gsfp-wv-wv_firmwaremoxa:pt-7528-20msc-4tx-4gsfp-wv_firmwaremoxa:pt-7528-20mst-4tx-4gsfp-hvmoxa:pt-7528-20mst-4tx-4gsfp-hv-hvmoxa:pt-7528-20mst-4tx-4gsfp-hv-hv_firmwaremoxa:pt-7528-20mst-4tx-4gsfp-hv_firmwaremoxa:pt-7528-20mst-4tx-4gsfp-wvmoxa:pt-7528-20mst-4tx-4gsfp-wv-wvmoxa:pt-7528-20mst-4tx-4gsfp-wv-wv_firmwaremoxa:pt-7528-20mst-4tx-4gsfp-wv_firmwaremoxa:pt-7528-24tx-hvmoxa:pt-7528-24tx-hv-hvmoxa:pt-7528-24tx-hv-hv_firmwaremoxa:pt-7528-24tx-hv_firmwaremoxa:pt-7528-24tx-wvmoxa:pt-7528-24tx-wv-hvmoxa:pt-7528-24tx-wv-hv_firmwaremoxa:pt-7528-24tx-wv-wvmoxa:pt-7528-24tx-wv-wv_firmwaremoxa:pt-7528-24tx-wv_firmwaremoxa:pt-7528-8msc-16tx-4gsfp-hvmoxa:pt-7528-8msc-16tx-4gsfp-hv-hvmoxa:pt-7528-8msc-16tx-4gsfp-hv-hv_firmwaremoxa:pt-7528-8msc-16tx-4gsfp-hv_firmwaremoxa:pt-7528-8msc-16tx-4gsfp-wvmoxa:pt-7528-8msc-16tx-4gsfp-wv-wvmoxa:pt-7528-8msc-16tx-4gsfp-wv-wv_firmwaremoxa:pt-7528-8msc-16tx-4gsfp-wv_firmwaremoxa:pt-7528-8mst-16tx-4gsfp-hvmoxa:pt-7528-8mst-16tx-4gsfp-hv-hvmoxa:pt-7528-8mst-16tx-4gsfp-hv-hv_firmwaremoxa:pt-7528-8mst-16tx-4gsfp-hv_firmwaremoxa:pt-7528-8mst-16tx-4gsfp-wvmoxa:pt-7528-8mst-16tx-4gsfp-wv-wvmoxa:pt-7528-8mst-16tx-4gsfp-wv-wv_firmwaremoxa:pt-7528-8mst-16tx-4gsfp-wv_firmwaremoxa:pt-7528-8ssc-16tx-4gsfp-hv-hvmoxa:pt-7528-8ssc-16tx-4gsfp-hv-hv_firmwaremoxa:pt-7528-8ssc-16tx-4gsfp-wv-wvmoxa:pt-7528-8ssc-16tx-4gsfp-wv-wv_firmwaremoxa:pt-7828-f-24moxa:pt-7828-f-24-24moxa:pt-7828-f-24-24_firmwaremoxa:pt-7828-f-24-hvmoxa:pt-7828-f-24-hv_firmwaremoxa:pt-7828-f-24_firmwaremoxa:pt-7828-f-48moxa:pt-7828-f-48-48moxa:pt-7828-f-48-48_firmwaremoxa:pt-7828-f-48-hvmoxa:pt-7828-f-48-hv_firmwaremoxa:pt-7828-f-48_firmwaremoxa:pt-7828-f-hvmoxa:pt-7828-f-hv-hvmoxa:pt-7828-f-hv-hv_firmwaremoxa:pt-7828-f-hv_firmwaremoxa:pt-7828-r-24moxa:pt-7828-r-24-24moxa:pt-7828-r-24-24_firmwaremoxa:pt-7828-r-24-hvmoxa:pt-7828-r-24-hv_firmwaremoxa:pt-7828-r-24_firmwaremoxa:pt-7828-r-48moxa:pt-7828-r-48-48moxa:pt-7828-r-48-48_firmwaremoxa:pt-7828-r-48-hvmoxa:pt-7828-r-48-hv_firmwaremoxa:pt-7828-r-48_firmwaremoxa:pt-7828-r-hvmoxa:pt-7828-r-hv-hvmoxa:pt-7828-r-hv-hv_firmwaremoxa:pt-7828-r-hv_firmware

Weaknesses (CWE)

CWE-798CWE-798

References

https://www.us-cert.gov/ics/advisories/icsa-20-056-03(ics-cert@hq.dhs.gov)
https://www.us-cert.gov/ics/advisories/icsa-20-056-03(af854a3a-2127-422b-91ae-364da2661108)

IOC Correlations

No correlations recorded

This product uses data from the NVD API but is not endorsed or certified by the NVD.