Sign-up

ID

VAR-201903-0177


CVE

CVE-2019-6522


TITLE

Moxa IKS and EDS Vulnerable to out-of-bounds reading

Trust: 0.8

sources: JVNDB: JVNDB-2019-002197

DESCRIPTION

Moxa IKS and EDS fails to properly check array bounds which may allow an attacker to read device memory on arbitrary addresses, and may allow an attacker to retrieve sensitive data or cause device reboot. Moxa IKS and EDS Contains an out-of-bounds read vulnerability.Information obtained and denial of service (DoS) May be in a state. MoxaIKS and EDS are Moxa's line of industrial switches. There is an out-of-bounds read vulnerability in the MoxaIKS and EDS series. The vulnerability stems from a program failing to properly validate array bounds. Moxa IKS and EDS are prone to following security vulnerabilities: 1. A cross-site-scripting vulnerability 2. Multiple stack-based buffer-overflow vulnerabilities 3. A security vulnerability 4. An information disclosure vulnerability 5. A cross-site request-forgery vulnerability 6. Multiple denial-of-service vulnerabilities 7. A security-bypass vulnerability 8. An authentication bypass vulnerability An attacker may leverage these issues to view arbitrary files within the context of the web server, execute arbitrary script code in the browser of the victim in the context of the affected site, steal cookie-based authentication credentials, gain access to sensitive information, compromise the application, access or modify data, reboot or crash of the application resulting in a denial of service condition, bypass security restrictions, or execute arbitrary code. This may lead to other vulnerabilities. The following Moxa products and versions are affected: IKS-G6824A series versions 4.5 and prior, EDS-405A series versions 3.8 and prior, EDS-408A series versions 3.8 and prior, and EDS-510A series versions 3.8 and prior. Moxa IKS-G6824A series are all products of Moxa Company in Taiwan, China. IKS-G6824A series is a series of rack-mount Ethernet switches. EDS-405A series is an EDS-405A series Ethernet switch. EDS-408A series is an EDS-408A series Ethernet switch

Trust: 2.79

sources: NVD: CVE-2019-6522 // JVNDB: JVNDB-2019-002197 // CNVD: CNVD-2019-06056 // BID: 107178 // IVD: ab3d4b23-d209-43d9-8414-74602516531f // VULHUB: VHN-157957 // VULMON: CVE-2019-6522

IOT TAXONOMY

category:['ICS', 'Network device']sub_category: -

Trust: 0.6

category:['ICS']sub_category: -

Trust: 0.2

sources: IVD: ab3d4b23-d209-43d9-8414-74602516531f // CNVD: CNVD-2019-06056

AFFECTED PRODUCTS

vendor:moxamodel:eds-405ascope:lteversion:3.8

Trust: 1.0

vendor:moxamodel:eds-408ascope:lteversion:3.8

Trust: 1.0

vendor:moxamodel:iks-g6824ascope:lteversion:4.5

Trust: 1.0

vendor:moxamodel:eds-510ascope:lteversion:3.8

Trust: 1.0

vendor:moxamodel:eds-405a seriesscope: - version: -

Trust: 0.8

vendor:moxamodel:eds-408a seriesscope: - version: -

Trust: 0.8

vendor:moxamodel:eds-510a seriesscope: - version: -

Trust: 0.8

vendor:moxamodel:iks-g6824a seriesscope: - version: -

Trust: 0.8

vendor:moxamodel:iks-g6824ascope:lteversion:<=4.5

Trust: 0.6

vendor:moxamodel:eds-405ascope:lteversion:<=3.8

Trust: 0.6

vendor:moxamodel:eds-408ascope:lteversion:<=3.8

Trust: 0.6

vendor:moxamodel:eds-510ascope:lteversion:<=3.8

Trust: 0.6

vendor:moxamodel:iks-g6824ascope:eqversion:4.5

Trust: 0.3

vendor:moxamodel:eds-510ascope:eqversion:3.8

Trust: 0.3

vendor:moxamodel:eds-408ascope:eqversion:3.8

Trust: 0.3

vendor:moxamodel:eds-405ascope:eqversion:3.8

Trust: 0.3

vendor:iks g6824amodel: - scope:eqversion:*

Trust: 0.2

vendor:eds 405amodel: - scope:eqversion:*

Trust: 0.2

vendor:eds 408amodel: - scope:eqversion:*

Trust: 0.2

vendor:eds 510amodel: - scope:eqversion:*

Trust: 0.2

sources: IVD: ab3d4b23-d209-43d9-8414-74602516531f // CNVD: CNVD-2019-06056 // BID: 107178 // JVNDB: JVNDB-2019-002197 // NVD: CVE-2019-6522

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-6522
value: CRITICAL

Trust: 1.0

NVD: CVE-2019-6522
value: CRITICAL

Trust: 0.8

CNVD: CNVD-2019-06056
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201902-950
value: CRITICAL

Trust: 0.6

IVD: ab3d4b23-d209-43d9-8414-74602516531f
value: CRITICAL

Trust: 0.2

VULHUB: VHN-157957
value: HIGH

Trust: 0.1

VULMON: CVE-2019-6522
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2019-6522
severity: HIGH
baseScore: 8.5
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 7.8
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

CNVD: CNVD-2019-06056
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

IVD: ab3d4b23-d209-43d9-8414-74602516531f
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

VULHUB: VHN-157957
severity: HIGH
baseScore: 8.5
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 7.8
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2019-6522
baseSeverity: CRITICAL
baseScore: 9.1
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.2
version: 3.1

Trust: 1.0

NVD: CVE-2019-6522
baseSeverity: CRITICAL
baseScore: 9.1
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: IVD: ab3d4b23-d209-43d9-8414-74602516531f // CNVD: CNVD-2019-06056 // VULHUB: VHN-157957 // VULMON: CVE-2019-6522 // JVNDB: JVNDB-2019-002197 // CNNVD: CNNVD-201902-950 // NVD: CVE-2019-6522

PROBLEMTYPE DATA

problemtype:CWE-125

Trust: 1.9

sources: VULHUB: VHN-157957 // JVNDB: JVNDB-2019-002197 // NVD: CVE-2019-6522

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201902-950

TYPE

Buffer error

Trust: 0.8

sources: IVD: ab3d4b23-d209-43d9-8414-74602516531f // CNNVD: CNNVD-201902-950

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2019-002197

PATCH
title:Top Pageurl:https://www.moxa.com/en/
Trust: 0.8
title:MoxaIKS and EDS out of bounds read vulnerability patchurl:https://www.cnvd.org.cn/patchInfo/show/155121
Trust: 0.6
title:Multiple Moxa Product Buffer Error Vulnerability Fixurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=89667
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2019-06056 // 
            
            
            
            JVNDB: JVNDB-2019-002197 // 
            
            
            
            CNNVD: CNNVD-201902-950

EXTERNAL IDS
db:NVDid:CVE-2019-6522
Trust: 3.7
db:ICS CERTid:ICSA-19-057-01
Trust: 3.5
db:BIDid:107178
Trust: 2.1
db:CNNVDid:CNNVD-201902-950
Trust: 0.9
db:CNVDid:CNVD-2019-06056
Trust: 0.8
db:JVNDBid:JVNDB-2019-002197
Trust: 0.8
db:AUSCERTid:ESB-2019.0597
Trust: 0.6
db:IVDid:AB3D4B23-D209-43D9-8414-74602516531F
Trust: 0.2
db:VULHUBid:VHN-157957
Trust: 0.1
db:VULMONid:CVE-2019-6522
Trust: 0.1
sources:
            
            
            IVD: ab3d4b23-d209-43d9-8414-74602516531f // 
            
            
            
            CNVD: CNVD-2019-06056 // 
            
            
            
            VULHUB: VHN-157957 // 
            
            
            
            VULMON: CVE-2019-6522 // 
            
            
            
            BID: 107178 // 
            
            
            
            JVNDB: JVNDB-2019-002197 // 
            
            
            
            CNNVD: CNNVD-201902-950 // 
            
            
            
            NVD: CVE-2019-6522

REFERENCES
url:https://ics-cert.us-cert.gov/advisories/icsa-19-057-01
Trust: 3.6
url:http://www.securityfocus.com/bid/107178
Trust: 2.5
url:https://nvd.nist.gov/vuln/detail/cve-2019-6522
Trust: 1.4
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-6522
Trust: 0.8
url:https://www.us-cert.gov/ics/advisories/icsa-19-057-01
Trust: 0.6
url:https://www.auscert.org.au/bulletins/76138
Trust: 0.6
url:http://www.moxastore.com/
Trust: 0.3
url:https://cwe.mitre.org/data/definitions/125.html
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2019-06056 // 
            
            
            
            VULHUB: VHN-157957 // 
            
            
            
            VULMON: CVE-2019-6522 // 
            
            
            
            BID: 107178 // 
            
            
            
            JVNDB: JVNDB-2019-002197 // 
            
            
            
            CNNVD: CNNVD-201902-950 // 
            
            
            
            NVD: CVE-2019-6522

CREDITS
Ivan B, Sergey Fedonin, and Vyacheslav Moskvin of Positive Technologies Security reported these vulnerabilities to NCCIC.
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-201902-950

SOURCES
db:IVDid:ab3d4b23-d209-43d9-8414-74602516531f
db:CNVDid:CNVD-2019-06056
db:VULHUBid:VHN-157957
db:VULMONid:CVE-2019-6522
db:BIDid:107178
db:JVNDBid:JVNDB-2019-002197
db:CNNVDid:CNNVD-201902-950
db:NVDid:CVE-2019-6522

LAST UPDATE DATE
2024-08-14T13:26:55.933000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2019-06056date:2019-03-04T00:00:00
db:VULHUBid:VHN-157957date:2022-11-30T00:00:00
db:VULMONid:CVE-2019-6522date:2019-10-09T00:00:00
db:BIDid:107178date:2019-02-26T00:00:00
db:JVNDBid:JVNDB-2019-002197date:2019-04-04T00:00:00
db:CNNVDid:CNNVD-201902-950date:2019-10-25T00:00:00
db:NVDid:CVE-2019-6522date:2022-11-30T22:21:05.317

SOURCES RELEASE DATE
db:IVDid:ab3d4b23-d209-43d9-8414-74602516531fdate:2019-03-04T00:00:00
db:CNVDid:CNVD-2019-06056date:2019-03-04T00:00:00
db:VULHUBid:VHN-157957date:2019-03-05T00:00:00
db:VULMONid:CVE-2019-6522date:2019-03-05T00:00:00
db:BIDid:107178date:2019-02-26T00:00:00
db:JVNDBid:JVNDB-2019-002197date:2019-04-04T00:00:00
db:CNNVDid:CNNVD-201902-950date:2019-02-26T00:00:00
db:NVDid:CVE-2019-6522date:2019-03-05T20:29:00.343