CVE-2020-6979

Name of the Vulnerable Software and Affected Versions Moxa EDS-G516E Series versions 5.2 or lower Moxa EDS-510E (affected versions not specified)

Description The issue is related to the use of a hard-coded cryptographic key in the configuration file of the affected products. This increases the possibility that confidential data can be recovered. An attacker, acting remotely, could exploit this issue to gain unauthorized access to protected information.

Recommendations For Moxa EDS-G516E Series versions 5.2 or lower, consider updating to a version higher than 5.2 to mitigate the risk. For Moxa EDS-510E, at the moment, there is no information about a newer version that contains a fix for this vulnerability. As a temporary workaround, consider restricting access to the configuration file to minimize the risk of exploitation.