Insufficient Authentication Measures in Moxa IKS and EDS Devices Enable Brute Force Password Discovery

Insufficient Authentication Measures in Moxa IKS and EDS Devices Enable Brute Force Password Discovery

CVE-2019-6524 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Moxa IKS and EDS do not implement sufficient measures to prevent multiple failed authentication attempts, which may allow an attacker to discover passwords via brute force attack.

Learn more about our Web Application Penetration Testing UK.