CVE-2020-6987

In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 series firmware, Version 3.9 or lower, the affected products use a weak cryptographic algorithm, which may allow confidential information to be disclosed.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
icscertCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 27%
VendorProductVersion
moxapt-7528-24tx-hv_firmware
𝑥
≤ 4.0
moxapt-7528-24tx-hv-hv_firmware
𝑥
≤ 4.0
moxapt-7528-24tx-wv_firmware
𝑥
≤ 4.0
moxapt-7528-24tx-wv-hv_firmware
𝑥
≤ 4.0
moxapt-7528-24tx-wv-wv_firmware
𝑥
≤ 4.0
moxapt-7528-12msc-12tx-4gsfp-hv_firmware
𝑥
≤ 4.0
moxapt-7528-12msc-12tx-4gsfp-hv-hv_firmware
𝑥
≤ 4.0
moxapt-7528-12msc-12tx-4gsfp-wv_firmware
𝑥
≤ 4.0
moxapt-7528-12msc-12tx-4gsfp-wv-wv_firmware
𝑥
≤ 4.0
moxapt-7528-12mst-12tx-4gsfp-hv_firmware
𝑥
≤ 4.0
moxapt-7528-12mst-12tx-4gsfp-hv-hv_firmware
𝑥
≤ 4.0
moxapt-7528-12mst-12tx-4gsfp-wv_firmware
𝑥
≤ 4.0
moxapt-7528-12mst-12tx-4gsfp-wv-wv_firmware
𝑥
≤ 4.0
moxapt-7528-16msc-8tx-4gsfp-hv_firmware
𝑥
≤ 4.0
moxapt-7528-16msc-8tx-4gsfp-hv-hv_firmware
𝑥
≤ 4.0
moxapt-7528-16msc-8tx-4gsfp-wv_firmware
𝑥
≤ 4.0
moxapt-7528-16msc-8tx-4gsfp-wv-wv_firmware
𝑥
≤ 4.0
moxapt-7528-16mst-8tx-4gsfp-hv_firmware
𝑥
≤ 4.0
moxapt-7528-16mst-8tx-4gsfp-hv-hv_firmware
𝑥
≤ 4.0
moxapt-7528-16mst-8tx-4gsfp-wv_firmware
𝑥
≤ 4.0
moxapt-7528-16mst-8tx-4gsfp-wv-wv_firmware
𝑥
≤ 4.0
moxapt-7528-20msc-4tx-4gsfp-hv_firmware
𝑥
≤ 4.0
moxapt-7528-20msc-4tx-4gsfp-hv-hv_firmware
𝑥
≤ 4.0
moxapt-7528-20msc-4tx-4gsfp-wv_firmware
𝑥
≤ 4.0
moxapt-7528-20msc-4tx-4gsfp-wv-wv_firmware
𝑥
≤ 4.0
moxapt-7528-20mst-4tx-4gsfp-hv_firmware
𝑥
≤ 4.0
moxapt-7528-20mst-4tx-4gsfp-hv-hv_firmware
𝑥
≤ 4.0
moxapt-7528-20mst-4tx-4gsfp-wv_firmware
𝑥
≤ 4.0
moxapt-7528-20mst-4tx-4gsfp-wv-wv_firmware
𝑥
≤ 4.0
moxapt-7528-8msc-16tx-4gsfp-hv_firmware
𝑥
≤ 4.0
moxapt-7528-8msc-16tx-4gsfp-hv-hv_firmware
𝑥
≤ 4.0
moxapt-7528-8msc-16tx-4gsfp-wv_firmware
𝑥
≤ 4.0
moxapt-7528-8msc-16tx-4gsfp-wv-wv_firmware
𝑥
≤ 4.0
moxapt-7528-8mst-16tx-4gsfp-hv_firmware
𝑥
≤ 4.0
moxapt-7528-8mst-16tx-4gsfp-hv-hv_firmware
𝑥
≤ 4.0
moxapt-7528-8mst-16tx-4gsfp-wv_firmware
𝑥
≤ 4.0
moxapt-7528-8mst-16tx-4gsfp-wv-wv_firmware
𝑥
≤ 4.0
moxapt-7528-8ssc-16tx-4gsfp-hv-hv_firmware
𝑥
≤ 4.0
moxapt-7528-8ssc-16tx-4gsfp-wv-wv_firmware
𝑥
≤ 4.0
moxapt-7828-f-24_firmware
𝑥
≤ 3.9
moxapt-7828-f-24-24_firmware
𝑥
≤ 3.9
moxapt-7828-f-24-hv_firmware
𝑥
≤ 3.9
moxapt-7828-f-48_firmware
𝑥
≤ 3.9
moxapt-7828-f-48-48_firmware
𝑥
≤ 3.9
moxapt-7828-f-48-hv_firmware
𝑥
≤ 3.9
moxapt-7828-f-hv_firmware
𝑥
≤ 3.9
moxapt-7828-f-hv-hv_firmware
𝑥
≤ 3.9
moxapt-7828-r-24_firmware
𝑥
≤ 3.9
moxapt-7828-r-24-24_firmware
𝑥
≤ 3.9
moxapt-7828-r-24-hv_firmware
𝑥
≤ 3.9
moxapt-7828-r-48_firmware
𝑥
≤ 3.9
moxapt-7828-r-48-48_firmware
𝑥
≤ 3.9
moxapt-7828-r-48-hv_firmware
𝑥
≤ 3.9
moxapt-7828-r-hv_firmware
𝑥
≤ 3.9
moxapt-7828-r-hv-hv_firmware
𝑥
≤ 3.9
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://www.us-cert.gov/ics/advisories/icsa-20-056-03
https://www.us-cert.gov/ics/advisories/icsa-20-056-03