PT-2022-2361 · Moxa · Moxa Mgate Mb3270 Series+3
Dr. Faruk Kazi
+1
·
Published
2022-02-17
·
Updated
2022-04-25
·
CVE-2022-27048
CVSS v2.0
8.8
High
| Vector | AV:N/AC:M/Au:N/C:C/I:C/A:N |
Name of the Vulnerable Software and Affected Versions
Moxa MGate MB3170 Series versions 4.2 or lower
Moxa MGate MB3270 Series versions 4.2 or lower
Moxa MGate MB3280 Series versions 4.1 or lower
Moxa MGate MB3480 Series versions 3.2 or lower
Description
A vulnerability in Moxa MGate allows an attacker to perform a man-in-the-middle (MITM) attack on the device. This issue is related to incorrect security level requirements. The exploitation of this vulnerability may enable a remote attacker to carry out a MITM attack.
Recommendations
For Moxa MGate MB3170 Series versions 4.2 or lower, update to a version higher than 4.2 to resolve the issue.
For Moxa MGate MB3270 Series versions 4.2 or lower, update to a version higher than 4.2 to resolve the issue.
For Moxa MGate MB3280 Series versions 4.1 or lower, update to a version higher than 4.1 to resolve the issue.
For Moxa MGate MB3480 Series versions 3.2 or lower, update to a version higher than 3.2 to resolve the issue.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Moxa Mgate Mb3170 Series
Moxa Mgate Mb3270 Series
Moxa Mgate Mb3280 Series
Moxa Mgate Mb3480 Series