Array Bounds Check Failure in Moxa IKS and EDS Devices: Potential Memory Read and Data Leakage Vulnerability

Array Bounds Check Failure in Moxa IKS and EDS Devices: Potential Memory Read and Data Leakage Vulnerability

CVE-2019-6522 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

Moxa IKS and EDS fails to properly check array bounds which may allow an attacker to read device memory on arbitrary addresses, and may allow an attacker to retrieve sensitive data or cause device reboot.

Learn more about our Web Application Penetration Testing UK.