CVE-2022-27048

3 documents3 sources

Severity

7.4HIGH

EPSS

0.3%

top 45.56%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Moxa Mgate Mb3170-m-sc-t Firmware Moxa Mgate Mb3170-m-sc Firmware Moxa Mgate Mb3170-m-st-t Firmware +17 more

Timeline

PublishedApr 15

Latest updateApr 16

Description

A vulnerability has been discovered in Moxa MGate which allows an attacker to perform a man-in-the-middle (MITM) attack on the device. This affects MGate MB3170 Series Firmware Version 4.2 or lower. and MGate MB3270 Series Firmware Version 4.2 or lower. and MGate MB3280 Series Firmware Version 4.1 or lower. and MGate MB3480 Series Firmware Version 3.2 or lower.

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:NExploitability: 2.2 | Impact: 5.2

Affected Packages20 packages

▶NVDmoxa/mgate_mb3170_firmware4.2

▶NVDmoxa/mgate_mb3270_firmware4.2

▶NVDmoxa/mgate_mb3280_firmware4.1

▶NVDmoxa/mgate_mb3480_firmware3.2

▶NVDmoxa/mgate_mb3170i_firmware4.2

🔴Vulnerability Details

GHSA

GHSA-9qf7-cmwj-2w84: A vulnerability has been discovered in Moxa MGate which allows an attacker to perform a man-in-the-middle (MITM) attack on the device↗2022-04-16

▶

CVEList

CVE-2022-27048: A vulnerability has been discovered in Moxa MGate which allows an attacker to perform a man-in-the-middle (MITM) attack on the device↗2022-04-15

▶