CVE-2020-7003
First published: Tue Mar 24 2020(Updated: )
In Moxa ioLogik 2500 series firmware, Version 3.0 or lower, and IOxpress configuration utility, Version 2.3.0 or lower, sensitive information is transmitted over some web applications in clear text.
Credit: ics-cert@hq.dhs.gov
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Moxa Iologik 2512 Firmware | <=3.0 | |
| Moxa Iologik 2512 | ||
| Moxa Iologik 2512-t Firmware | <=3.0 | |
| Moxa Iologik 2512-t | ||
| Moxa Iologik 2512-hspa Firmware | <=3.0 | |
| Moxa Iologik 2512-hspa | ||
| Moxa Iologik 2512-hspa-t Firmware | <=3.0 | |
| Moxa Iologik 2512-hspa-t | ||
| Moxa Iologik 2512-wl1-eu Firmware | <=3.0 | |
| Moxa Iologik 2512-wl1-eu | ||
| Moxa Iologik 2512-wl1-eu-t Firmware | <=3.0 | |
| Moxa Iologik 2512-wl1-eu-t | ||
| Moxa Iologik 2512-wl1-us Firmware | <=3.0 | |
| Moxa Iologik 2512-wl1-us | ||
| Moxa Iologik 2512-wl1-us-t Firmware | <=3.0 | |
| Moxa Iologik 2512-wl1-us-t | ||
| Moxa Iologik 2512-wl1-jp Firmware | <=3.0 | |
| Moxa Iologik 2512-wl1-jp | ||
| Moxa Iologik 2512-wl1-jp-t Firmware | <=3.0 | |
| Moxa Iologik 2512-wl1-jp-t | ||
| Moxa Iologik 2542 Firmware | <=3.0 | |
| Moxa Iologik 2542 | ||
| Moxa Iologik 2542-t Firmware | <=3.0 | |
| Moxa Iologik 2542-t | ||
| Moxa Iologik 2542-hspa Firmware | <=3.0 | |
| Moxa Iologik 2542-hspa | ||
| Moxa Iologik 2542-hspa-t Firmware | <=3.0 | |
| Moxa Iologik 2542-hspa-t | ||
| Moxa Iologik 2542-wl1-eu Firmware | <=3.0 | |
| Moxa Iologik 2542-wl1-eu | ||
| Moxa Iologik 2542-wl1-eu-t Firmware | <=3.0 | |
| Moxa Iologik 2542-wl1-eu-t | ||
| Moxa Iologik 2542-wl1-us Firmware | <=3.0 | |
| Moxa Iologik 2542-wl1-us | ||
| Moxa Iologik 2542-wl1-us-t Firmware | <=3.0 | |
| Moxa Iologik 2542-wl1-us-t | ||
| Moxa Iologik 2542-wl1-jp Firmware | <=3.0 | |
| Moxa Iologik 2542-wl1-jp | ||
| Moxa Iologik 2542-wl1-jp-t Firmware | <=3.0 | |
| Moxa Iologik 2542-wl1-jp-t |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2020-7003?
CVE-2020-7003 has a severity rating classified as high due to the exposure of sensitive information transmitted in clear text.
How do I fix CVE-2020-7003?
To remediate CVE-2020-7003, upgrade the Moxa ioLogik 2500 series firmware to a version higher than 3.0.
Which devices are affected by CVE-2020-7003?
CVE-2020-7003 affects the Moxa ioLogik 2500 series firmware versions 3.0 or lower and the IOxpress configuration utility versions 2.3.0 or lower.
What type of data is compromised in CVE-2020-7003?
CVE-2020-7003 exposes sensitive information because it is transmitted over the web applications in clear text.
Are there any workarounds for CVE-2020-7003?
Currently, the only effective workaround for CVE-2020-7003 is to immediately update the firmware to the latest version.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/references
- agent/author
- agent/severity
- agent/weakness
- agent/tags
- agent/first-publish-date
- agent/event
- agent/description
- agent/source
- vendor/moxa
- canonical/moxa iologik 2512 firmware
- version/moxa iologik 2512 firmware/3.0
- canonical/moxa iologik 2512
- canonical/moxa iologik 2512-t firmware
- version/moxa iologik 2512-t firmware/3.0
- canonical/moxa iologik 2512-t
- canonical/moxa iologik 2512-hspa firmware
- version/moxa iologik 2512-hspa firmware/3.0
- canonical/moxa iologik 2512-hspa
- canonical/moxa iologik 2512-hspa-t firmware
- version/moxa iologik 2512-hspa-t firmware/3.0
- canonical/moxa iologik 2512-hspa-t
- canonical/moxa iologik 2512-wl1-eu firmware
- version/moxa iologik 2512-wl1-eu firmware/3.0
- canonical/moxa iologik 2512-wl1-eu
- canonical/moxa iologik 2512-wl1-eu-t firmware
- version/moxa iologik 2512-wl1-eu-t firmware/3.0
- canonical/moxa iologik 2512-wl1-eu-t
- canonical/moxa iologik 2512-wl1-us firmware
- version/moxa iologik 2512-wl1-us firmware/3.0
- canonical/moxa iologik 2512-wl1-us
- canonical/moxa iologik 2512-wl1-us-t firmware
- version/moxa iologik 2512-wl1-us-t firmware/3.0
- canonical/moxa iologik 2512-wl1-us-t
- canonical/moxa iologik 2512-wl1-jp firmware
- version/moxa iologik 2512-wl1-jp firmware/3.0
- canonical/moxa iologik 2512-wl1-jp
- canonical/moxa iologik 2512-wl1-jp-t firmware
- version/moxa iologik 2512-wl1-jp-t firmware/3.0
- canonical/moxa iologik 2512-wl1-jp-t
- canonical/moxa iologik 2542 firmware
- version/moxa iologik 2542 firmware/3.0
- canonical/moxa iologik 2542
- canonical/moxa iologik 2542-t firmware
- version/moxa iologik 2542-t firmware/3.0
- canonical/moxa iologik 2542-t
- canonical/moxa iologik 2542-hspa firmware
- version/moxa iologik 2542-hspa firmware/3.0
- canonical/moxa iologik 2542-hspa
- canonical/moxa iologik 2542-hspa-t firmware
- version/moxa iologik 2542-hspa-t firmware/3.0
- canonical/moxa iologik 2542-hspa-t
- canonical/moxa iologik 2542-wl1-eu firmware
- version/moxa iologik 2542-wl1-eu firmware/3.0
- canonical/moxa iologik 2542-wl1-eu
- canonical/moxa iologik 2542-wl1-eu-t firmware
- version/moxa iologik 2542-wl1-eu-t firmware/3.0
- canonical/moxa iologik 2542-wl1-eu-t
- canonical/moxa iologik 2542-wl1-us firmware
- version/moxa iologik 2542-wl1-us firmware/3.0
- canonical/moxa iologik 2542-wl1-us
- canonical/moxa iologik 2542-wl1-us-t firmware
- version/moxa iologik 2542-wl1-us-t firmware/3.0
- canonical/moxa iologik 2542-wl1-us-t
- canonical/moxa iologik 2542-wl1-jp firmware
- version/moxa iologik 2542-wl1-jp firmware/3.0
- canonical/moxa iologik 2542-wl1-jp
- canonical/moxa iologik 2542-wl1-jp-t firmware
- version/moxa iologik 2542-wl1-jp-t firmware/3.0
- canonical/moxa iologik 2542-wl1-jp-t