What is the severity of CVE-2020-7003?

CVE-2020-7003 has a severity rating classified as high due to the exposure of sensitive information transmitted in clear text.

How do I fix CVE-2020-7003?

To remediate CVE-2020-7003, upgrade the Moxa ioLogik 2500 series firmware to a version higher than 3.0.

Which devices are affected by CVE-2020-7003?

CVE-2020-7003 affects the Moxa ioLogik 2500 series firmware versions 3.0 or lower and the IOxpress configuration utility versions 2.3.0 or lower.

What type of data is compromised in CVE-2020-7003?

CVE-2020-7003 exposes sensitive information because it is transmitted over the web applications in clear text.

Are there any workarounds for CVE-2020-7003?

Currently, the only effective workaround for CVE-2020-7003 is to immediately update the firmware to the latest version.

Vulnerability/
CVE-2020-7003

high

7.5

CWE

319

24/3/2020

4/8/2024

CVE-2020-7003

First published: Tue Mar 24 2020(Updated: )

In Moxa ioLogik 2500 series firmware, Version 3.0 or lower, and IOxpress configuration utility, Version 2.3.0 or lower, sensitive information is transmitted over some web applications in clear text.

Credit: ics-cert@hq.dhs.gov

Affected Software	Affected Version	How to fix
Moxa Iologik 2512-T	<=3.0
Moxa Iologik 2512-HSPA
Moxa Iologik 2512-T	<=3.0
Moxa Iologik 2512-T
Moxa Iologik 2512-HSPA-T	<=3.0
Moxa Iologik 2512-HSPA
Moxa Iologik 2512-HSPA-T	<=3.0
Moxa Iologik 2512-HSPA-T
Moxa Iologik 2512-WL1 EU Firmware	<=3.0
Moxa Iologik 2512-WL1 EU Firmware
Moxa Iologik 2512-WL1-US-T	<=3.0
Moxa Iologik 2512-WL1 Firmware
Moxa Iologik 2512-WL1-JP-T Firmware	<=3.0
Moxa Iologik 2512-wl1-us Firmware
Moxa Iologik 2512-WL1 US-T Firmware	<=3.0
Moxa Iologik 2512-WL1 Firmware
Moxa Iologik 2512	<=3.0
Moxa Iologik 2512
Moxa Iologik 2512-WL1 Firmware	<=3.0
Moxa Iologik 2512-WL1 Firmware
Moxa Iologik 2542-HSPA Firmware	<=3.0
Moxa Iologik 2542
Moxa Iologik 2542-T Firmware	<=3.0
Moxa Iologik 2542-t Firmware
Moxa Iologik 2542-HSPA Firmware	<=3.0
Moxa Iologik 2542-HSPA Firmware
Moxa Iologik 2542-HSPA-T Firmware	<=3.0
Moxa Iologik 2542-HSPA-T Firmware
Moxa Iologik 2542-wl1 Firmware	<=3.0
Moxa Iologik 2542
Moxa Iologik 2542-WL1-EU-T	<=3.0
Moxa Iologik 2542-WL1 Firmware
Moxa Iologik 2542-WL1 Firmware	<=3.0
Moxa Iologik 2542-WL1-US-T Firmware
Moxa Iologik 2542-WL1 Firmware	<=3.0
Moxa Iologik 2542-WL1 Firmware
Moxa Iologik 2542-WL1 Firmware	<=3.0
Moxa Iologik 2542
Moxa Iologik 2542-WL1 Firmware	<=3.0
Moxa Iologik 2542

Never miss a vulnerability like this again

Reference Links

https://www.us-cert.gov/ics/advisories/icsa-20-056-02

Frequently Asked Questions

What is the severity of CVE-2020-7003?
CVE-2020-7003 has a severity rating classified as high due to the exposure of sensitive information transmitted in clear text.
How do I fix CVE-2020-7003?
To remediate CVE-2020-7003, upgrade the Moxa ioLogik 2500 series firmware to a version higher than 3.0.
Which devices are affected by CVE-2020-7003?
CVE-2020-7003 affects the Moxa ioLogik 2500 series firmware versions 3.0 or lower and the IOxpress configuration utility versions 2.3.0 or lower.
What type of data is compromised in CVE-2020-7003?
CVE-2020-7003 exposes sensitive information because it is transmitted over the web applications in clear text.
Are there any workarounds for CVE-2020-7003?
Currently, the only effective workaround for CVE-2020-7003 is to immediately update the firmware to the latest version.

agent/type
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/references
agent/author
agent/severity
agent/weakness
agent/first-publish-date
agent/event
agent/description
agent/source
agent/softwarecombine
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/moxa
canonical/moxa iologik 2512-t
version/moxa iologik 2512-t/3.0
canonical/moxa iologik 2512-hspa
canonical/moxa iologik 2512-hspa-t
version/moxa iologik 2512-hspa-t/3.0
canonical/moxa iologik 2512-wl1 eu firmware
version/moxa iologik 2512-wl1 eu firmware/3.0
canonical/moxa iologik 2512-wl1-us-t
version/moxa iologik 2512-wl1-us-t/3.0
canonical/moxa iologik 2512-wl1 firmware
canonical/moxa iologik 2512-wl1-jp-t firmware
version/moxa iologik 2512-wl1-jp-t firmware/3.0
canonical/moxa iologik 2512-wl1-us firmware
canonical/moxa iologik 2512-wl1 us-t firmware
version/moxa iologik 2512-wl1 us-t firmware/3.0
canonical/moxa iologik 2512
version/moxa iologik 2512/3.0
version/moxa iologik 2512-wl1 firmware/3.0
canonical/moxa iologik 2542-hspa firmware
version/moxa iologik 2542-hspa firmware/3.0
canonical/moxa iologik 2542
canonical/moxa iologik 2542-t firmware
version/moxa iologik 2542-t firmware/3.0
canonical/moxa iologik 2542-hspa-t firmware
version/moxa iologik 2542-hspa-t firmware/3.0
canonical/moxa iologik 2542-wl1 firmware
version/moxa iologik 2542-wl1 firmware/3.0
canonical/moxa iologik 2542-wl1-eu-t
version/moxa iologik 2542-wl1-eu-t/3.0
canonical/moxa iologik 2542-wl1-us-t firmware