CVE-2023-5962
23.12.2023, 09:15
A weak cryptographic algorithm vulnerability has been identified in ioLogik E1200 Series firmware versions v3.3 and prior. This vulnerability can help an attacker compromise the confidentiality of sensitive data. This vulnerability may lead an attacker to get unexpected authorization.Enginsight
| Vendor | Product | Version |
|---|---|---|
| moxa | iologik_e1210_firmware | 𝑥 < 3.3 |
| moxa | iologik_e1211_firmware | 𝑥 < 3.3 |
| moxa | iologik_e1212_firmware | 𝑥 < 3.3 |
| moxa | iologik_e1213_firmware | 𝑥 < 3.3 |
| moxa | iologik_e1214_firmware | 𝑥 < 3.3 |
| moxa | iologik_e1240_firmware | 𝑥 < 3.3 |
| moxa | iologik_e1241_firmware | 𝑥 < 3.3 |
| moxa | iologik_e1242_firmware | 𝑥 < 3.3 |
| moxa | iologik_e1260_firmware | 𝑥 < 3.3 |
| moxa | iologik_e1262_firmware | 𝑥 < 3.3 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
- CWE-328 - Use of Weak HashThe product uses an algorithm that produces a digest (output value) that does not meet security expectations for a hash function that allows an adversary to reasonably determine the original input (preimage attack), find another input that can produce the same hash (2nd preimage attack), or find multiple inputs that evaluate to the same hash (birthday attack).
- CWE-327 - Use of a Broken or Risky Cryptographic AlgorithmThe use of a broken or risky cryptographic algorithm is an unnecessary risk that may result in the exposure of sensitive information.