PT-2017-13026 · Moxa · Moxa Eds-G512E

Published

2017-11-23

Updated

2019-10-03

CVE-2017-13698

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions MOXA EDS-G512E version 5.1 build 16072215

Description An issue allows an attacker to extract public and private keys from the firmware image available on the MOXA website. These keys can then be used against a production switch that has the default keys embedded.

Recommendations For MOXA EDS-G512E version 5.1 build 16072215, consider changing the default keys to custom keys to prevent exploitation. As a temporary workaround, restrict access to the device to minimize the risk of unauthorized key usage.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2017-13698

Affected Products

Moxa Eds-G512E

PT-2017-13026 · Moxa · Moxa Eds-G512E

CVE-2017-13698

Related Identifiers

Affected Products

References · 3