CVE-2019-5137

CWE-321CWE-798Hard-coded Credentials3 documents3 sources
Severity
7.5HIGH
EPSS
0.5%
top 34.91%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Moxa Awk-3131a Firmware
Timeline
PublishedFeb 25
Latest updateMay 24

Description

The usage of hard-coded cryptographic keys within the ServiceAgent binary allows for the decryption of captured traffic across the network from or to the Moxa AWK-3131A firmware version 1.13.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

CVEListV5moxaMoxa AWK-3131A Firmware version 1.13

🔴Vulnerability Details

2
GHSA
GHSA-2v7g-r6qx-cv4h: The usage of hard-coded cryptographic keys within the ServiceAgent binary allows for the decryption of captured traffic across the network from or to2022-05-24
CVEList
CVE-2019-5137: The usage of hard-coded cryptographic keys within the ServiceAgent binary allows for the decryption of captured traffic across the network from or to2020-02-25
CVE-2019-5137 (HIGH CVSS 7.5) | The usage of hard-coded cryptograph | cvebase.io