Vulnerability Description
A use of hard-coded password vulnerability in the Moxa MXview Network Management software Versions 3.x to 3.2.2 may allow an attacker to gain access through accounts using default passwords
CVSS Score
9.8
CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Moxa | Mxview | >= 3.0, <= 3.2.2 |
Related Weaknesses (CWE)
References
- https://us-cert.cisa.gov/ics/advisories/icsa-21-278-03Third Party AdvisoryUS Government Resource
- https://us-cert.cisa.gov/ics/advisories/icsa-21-278-03Third Party AdvisoryUS Government Resource
FAQ
What is CVE-2021-38456?
CVE-2021-38456 is a vulnerability with a CVSS score of 9.8 (CRITICAL). A use of hard-coded password vulnerability in the Moxa MXview Network Management software Versions 3.x to 3.2.2 may allow an attacker to gain access through accounts using default passwords
How severe is CVE-2021-38456?
CVE-2021-38456 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2021-38456?
Check the references section above for vendor advisories and patch information. Affected products include: Moxa Mxview.