CVE-2020-25196

Name of the Vulnerable Software and Affected Versions MOXA NPort IAW5000A-I/O firmware versions 2.1 and lower

Description The issue is related to the implementation of SSH/Telnet protocols in the MOXA NPort IAW5000A-I/O Series web server software, which lacks sufficient restrictions on authentication attempts. This may allow a remote attacker to bypass security restrictions through brute force attacks.

Recommendations For MOXA NPort IAW5000A-I/O firmware versions 2.1 and lower, consider restricting or disabling SSH/Telnet sessions as a temporary workaround to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.