Vulnerability Description
Malicious operation of the crafted web browser cookie may cause a stack-based buffer overflow in the system web server on the EDR-G902 and EDR-G903 Series Routers (versions prior to 5.4).
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Moxa | Edr-G902-T Firmware | <= 5.4 |
| Moxa | Edr-G902-T | - |
| Moxa | Edr-G902 Firmware | <= 5.4 |
| Moxa | Edr-G902 | - |
| Moxa | Edr-G903-T Firmware | <= 5.4 |
| Moxa | Edr-G903-T | - |
| Moxa | Edr-G903 Firmware | <= 5.4 |
| Moxa | Edr-G903 | - |
Related Weaknesses (CWE)
References
- https://us-cert.cisa.gov/ics/advisories/icsa-20-196-02Third Party AdvisoryUS Government Resource
- https://us-cert.cisa.gov/ics/advisories/icsa-20-196-02Third Party AdvisoryUS Government Resource
FAQ
What is CVE-2020-14511?
CVE-2020-14511 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Malicious operation of the crafted web browser cookie may cause a stack-based buffer overflow in the system web server on the EDR-G902 and EDR-G903 Series Routers (versions prior to 5.4).
How severe is CVE-2020-14511?
CVE-2020-14511 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2020-14511?
Check the references section above for vendor advisories and patch information. Affected products include: Moxa Edr-G902-T Firmware, Moxa Edr-G902-T, Moxa Edr-G902 Firmware, Moxa Edr-G902, Moxa Edr-G903-T Firmware.