Search
Find a vulnerability
Search criteria
8 vulnerabilities found for UC-1200A Series by Moxa
CVE-2026-9266 (GCVE-0-2026-9266)
Vulnerability from nvd – Published: 2026-06-12 10:00 – Updated: 2026-06-12 13:29
VLAI
Summary
A Missing Required Cryptographic Step vulnerability has been identified in Moxa's embedded Linux firmware for industrial computers and controllers. This vulnerability represents an incomplete remediation of CVE-2026-0714. The firmware introduced TPM2 parameter encryption as a countermeasure against CVE-2026-0714. However, an omission in the authorization session configuration causes the parameter encryption to provide no effective protection. An attacker with invasive physical access to the device can still capture TPM communications on the SPI bus and derive the LUKS disk encryption key in plaintext. While successful exploitation results in full compromise of the encrypted disk volume, the attack requires invasive physical access, including opening the device and attaching external equipment to the SPI bus. Remote exploitation is not possible, and the attack does not affect any downstream systems.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-325 - Missing Cryptographic Step
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.moxa.com/en/support/product-support/s… | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Moxa | UC-1200A Series |
Affected:
1.0 , ≤ 1.4
(custom)
|
Date Public
2026-06-12 10:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-9266",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-12T13:29:27.309419Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-12T13:29:34.626Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"OS image\u00a0(MIL3 Secure version)"
],
"product": "UC-1200A Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "1.4",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:moxa:uc-1200a_series:*:*:os_image_mil3_secure_version_:*:*:*:*:*",
"versionEndIncluding": "1.4",
"versionStartIncluding": "1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Cyloq"
}
],
"datePublic": "2026-06-12T10:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A Missing Required Cryptographic Step vulnerability has been identified in Moxa\u0027s embedded Linux firmware for industrial computers and controllers. This vulnerability represents an incomplete remediation of CVE-2026-0714. The firmware introduced TPM2 parameter encryption as a countermeasure against CVE-2026-0714. However, an omission in the authorization session configuration causes the parameter encryption to provide no effective protection.\u0026nbsp;An attacker with invasive physical access to the device can still capture TPM communications on the SPI bus and derive the LUKS disk encryption key in plaintext. While successful exploitation results in full compromise of the encrypted disk volume, the attack requires invasive physical access, including opening the device and attaching external equipment to the SPI bus. Remote exploitation is not possible, and the attack does not affect any downstream systems."
}
],
"value": "A Missing Required Cryptographic Step vulnerability has been identified in Moxa\u0027s embedded Linux firmware for industrial computers and controllers. This vulnerability represents an incomplete remediation of CVE-2026-0714. The firmware introduced TPM2 parameter encryption as a countermeasure against CVE-2026-0714. However, an omission in the authorization session configuration causes the parameter encryption to provide no effective protection.\u00a0An attacker with invasive physical access to the device can still capture TPM communications on the SPI bus and derive the LUKS disk encryption key in plaintext. While successful exploitation results in full compromise of the encrypted disk volume, the attack requires invasive physical access, including opening the device and attaching external equipment to the SPI bus. Remote exploitation is not possible, and the attack does not affect any downstream systems."
}
],
"impacts": [
{
"capecId": "CAPEC-699",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-699: Eavesdropping on a Monitor"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "PHYSICAL",
"baseScore": 7,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-325",
"description": "CWE-325: Missing Cryptographic Step",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-12T10:00:33.056Z",
"orgId": "2e0a0ee2-d866-482a-9f5e-ac03d156dbaa",
"shortName": "Moxa"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-266240-cve-2026-9266-missing-required-cryptographic-step-vulnerability-in-industrial-computers"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Please refer to Moxa\u0027s security advisory."
}
],
"value": "Please refer to Moxa\u0027s security advisory."
}
],
"source": {
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "2e0a0ee2-d866-482a-9f5e-ac03d156dbaa",
"assignerShortName": "Moxa",
"cveId": "CVE-2026-9266",
"datePublished": "2026-06-12T10:00:33.056Z",
"dateReserved": "2026-05-22T02:41:04.026Z",
"dateUpdated": "2026-06-12T13:29:34.626Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-0715 (GCVE-0-2026-0715)
Vulnerability from nvd – Published: 2026-02-05 17:01 – Updated: 2026-02-05 17:34
VLAI
Summary
Moxa Arm-based industrial computers running Moxa Industrial Linux Secure use a device-unique bootloader password provided on the device. An attacker with physical access to the device could use this information to access the bootloader menu via a serial interface. Access to the bootloader menu does not allow full system takeover or privilege escalation. The bootloader enforces digital signature verification and only permits flashing of Moxa-signed images. As a result, an attacker cannot install malicious firmware or execute arbitrary code. The primary impact is limited to a potential temporary denial-of-service condition if a valid image is reflashed. Remote exploitation is not possible.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-522 - Insufficiently Protected Credentials
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.moxa.com/en/support/product-support/s… | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Moxa | UC-1200A Series |
Affected:
1.0 , ≤ 1.4
(custom)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-0715",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-05T17:33:53.012256Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-05T17:34:04.225Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "UC-1200A Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "1.4",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Cyloq"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eMoxa Arm-based industrial computers running Moxa Industrial Linux Secure use a device-unique bootloader password provided on the device. An attacker with \u003c/span\u003e\u003cstrong\u003ephysical access\u003c/strong\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;to the device could use this information to access the bootloader menu via a serial interface. \u0026nbsp;Access to the bootloader menu \u003c/span\u003e\u003cstrong\u003edoes not allow full system takeover or privilege escalation\u003c/strong\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e. The bootloader enforces digital signature verification and only permits flashing of \u003c/span\u003e\u003cstrong\u003eMoxa-signed images\u003c/strong\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e. As a result, an attacker cannot install malicious firmware or execute arbitrary code. The primary impact is limited to a potential \u003c/span\u003e\u003cstrong\u003etemporary denial-of-service condition\u003c/strong\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;if a valid image is reflashed. \u003c/span\u003e\u003cstrong\u003eRemote exploitation is not possible\u003c/strong\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Moxa Arm-based industrial computers running Moxa Industrial Linux Secure use a device-unique bootloader password provided on the device. An attacker with physical access\u00a0to the device could use this information to access the bootloader menu via a serial interface. \u00a0Access to the bootloader menu does not allow full system takeover or privilege escalation. The bootloader enforces digital signature verification and only permits flashing of Moxa-signed images. As a result, an attacker cannot install malicious firmware or execute arbitrary code. The primary impact is limited to a potential temporary denial-of-service condition\u00a0if a valid image is reflashed. Remote exploitation is not possible."
}
],
"impacts": [
{
"capecId": "CAPEC-102",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-102: Session Sidejacking"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "PHYSICAL",
"baseScore": 7,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-522",
"description": "CWE-522: Insufficiently Protected Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-05T17:01:20.476Z",
"orgId": "2e0a0ee2-d866-482a-9f5e-ac03d156dbaa",
"shortName": "Moxa"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-255121-cve-2026-0714-cve-2026-0715-multiple-vulnerabilities-in-industrial-computers"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Refer to\u0026nbsp;\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.moxa.com/en/support/product-support/security-advisory/mpsa-255121-cve-2026-0714-cve-2026-0715-multiple-vulnerabilities-in-industrial-computers\"\u003ehttps://www.moxa.com/en/support/product-support/security-advisory/mpsa-255121-cve-2026-0714-cve-2026...\u003c/a\u003e"
}
],
"value": "Refer to\u00a0 https://www.moxa.com/en/support/product-support/security-advisory/mpsa-255121-cve-2026-0714-cve-2026... https://www.moxa.com/en/support/product-support/security-advisory/mpsa-255121-cve-2026-0714-cve-2026-0715-multiple-vulnerabilities-in-industrial-computers"
}
],
"source": {
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "2e0a0ee2-d866-482a-9f5e-ac03d156dbaa",
"assignerShortName": "Moxa",
"cveId": "CVE-2026-0715",
"datePublished": "2026-02-05T17:01:20.476Z",
"dateReserved": "2026-01-08T10:25:24.767Z",
"dateUpdated": "2026-02-05T17:34:04.225Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-0714 (GCVE-0-2026-0714)
Vulnerability from nvd – Published: 2026-02-05 16:58 – Updated: 2026-02-05 17:28
VLAI
Summary
A physical attack vulnerability exists in certain Moxa industrial computers using TPM-backed LUKS full-disk encryption on Moxa Industrial Linux 3, where the discrete TPM is connected to the CPU via an SPI bus. Exploitation requires invasive physical access, including opening the device and attaching external equipment to the SPI bus to capture TPM communications. If successful, the captured data may allow offline decryption of eMMC contents. This attack cannot be performed through brief or opportunistic physical access and requires extended physical access, possession of the device, appropriate equipment, and sufficient time for signal capture and analysis. Remote exploitation is not possible.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-319 - Cleartext Transmission of Sensitive Information
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.moxa.com/en/support/product-support/s… | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Moxa | UC-1200A Series |
Affected:
1.0 , ≤ 1.4
(custom)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-0714",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-05T17:27:16.212381Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-05T17:28:18.287Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "UC-1200A Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "1.4",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Cyloq"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA physical attack vulnerability exists in certain Moxa industrial computers using \u003c/span\u003e\u003cstrong\u003eTPM-backed LUKS full-disk encryption\u003c/strong\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;on \u003c/span\u003e\u003cstrong\u003eMoxa Industrial Linux 3\u003c/strong\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e, where the discrete TPM is connected to the CPU via an SPI bus. Exploitation requires \u003c/span\u003e\u003cstrong\u003einvasive physical access\u003c/strong\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e, including opening the device and attaching external equipment to the SPI bus to capture TPM communications. If successful, the captured data \u003c/span\u003e\u003cstrong\u003emay allow offline decryption of eMMC contents\u003c/strong\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e. This attack \u003c/span\u003e\u003cstrong\u003ecannot be performed through brief or opportunistic physical access\u003c/strong\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;and requires extended physical access, possession of the device, appropriate equipment, and sufficient time for signal capture and analysis. \u003c/span\u003e\u003cstrong\u003eRemote exploitation is not possible\u003c/strong\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "A physical attack vulnerability exists in certain Moxa industrial computers using TPM-backed LUKS full-disk encryption\u00a0on Moxa Industrial Linux 3, where the discrete TPM is connected to the CPU via an SPI bus. Exploitation requires invasive physical access, including opening the device and attaching external equipment to the SPI bus to capture TPM communications. If successful, the captured data may allow offline decryption of eMMC contents. This attack cannot be performed through brief or opportunistic physical access\u00a0and requires extended physical access, possession of the device, appropriate equipment, and sufficient time for signal capture and analysis. Remote exploitation is not possible."
}
],
"impacts": [
{
"capecId": "CAPEC-401",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-401: Physically Hacking Hardware"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "PHYSICAL",
"baseScore": 7,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-319",
"description": "CWE-319: Cleartext Transmission of Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-05T16:58:50.181Z",
"orgId": "2e0a0ee2-d866-482a-9f5e-ac03d156dbaa",
"shortName": "Moxa"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-255121-cve-2026-0714-cve-2026-0715-multiple-vulnerabilities-in-industrial-computers"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Refer to\u0026nbsp;\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.moxa.com/en/support/product-support/security-advisory/mpsa-255121-cve-2026-0714-cve-2026-0715-multiple-vulnerabilities-in-industrial-computers\"\u003ehttps://www.moxa.com/en/support/product-support/security-advisory/mpsa-255121-cve-2026-0714-cve-2026...\u003c/a\u003e"
}
],
"value": "Refer to\u00a0 https://www.moxa.com/en/support/product-support/security-advisory/mpsa-255121-cve-2026-0714-cve-2026... https://www.moxa.com/en/support/product-support/security-advisory/mpsa-255121-cve-2026-0714-cve-2026-0715-multiple-vulnerabilities-in-industrial-computers"
}
],
"source": {
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "2e0a0ee2-d866-482a-9f5e-ac03d156dbaa",
"assignerShortName": "Moxa",
"cveId": "CVE-2026-0714",
"datePublished": "2026-02-05T16:58:50.181Z",
"dateReserved": "2026-01-08T10:25:22.303Z",
"dateUpdated": "2026-02-05T17:28:18.287Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-9266 (GCVE-0-2026-9266)
Vulnerability from cvelistv5 – Published: 2026-06-12 10:00 – Updated: 2026-06-12 13:29
VLAI
Summary
A Missing Required Cryptographic Step vulnerability has been identified in Moxa's embedded Linux firmware for industrial computers and controllers. This vulnerability represents an incomplete remediation of CVE-2026-0714. The firmware introduced TPM2 parameter encryption as a countermeasure against CVE-2026-0714. However, an omission in the authorization session configuration causes the parameter encryption to provide no effective protection. An attacker with invasive physical access to the device can still capture TPM communications on the SPI bus and derive the LUKS disk encryption key in plaintext. While successful exploitation results in full compromise of the encrypted disk volume, the attack requires invasive physical access, including opening the device and attaching external equipment to the SPI bus. Remote exploitation is not possible, and the attack does not affect any downstream systems.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-325 - Missing Cryptographic Step
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.moxa.com/en/support/product-support/s… | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Moxa | UC-1200A Series |
Affected:
1.0 , ≤ 1.4
(custom)
|
Date Public
2026-06-12 10:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-9266",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-12T13:29:27.309419Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-12T13:29:34.626Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"OS image\u00a0(MIL3 Secure version)"
],
"product": "UC-1200A Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "1.4",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:moxa:uc-1200a_series:*:*:os_image_mil3_secure_version_:*:*:*:*:*",
"versionEndIncluding": "1.4",
"versionStartIncluding": "1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Cyloq"
}
],
"datePublic": "2026-06-12T10:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A Missing Required Cryptographic Step vulnerability has been identified in Moxa\u0027s embedded Linux firmware for industrial computers and controllers. This vulnerability represents an incomplete remediation of CVE-2026-0714. The firmware introduced TPM2 parameter encryption as a countermeasure against CVE-2026-0714. However, an omission in the authorization session configuration causes the parameter encryption to provide no effective protection.\u0026nbsp;An attacker with invasive physical access to the device can still capture TPM communications on the SPI bus and derive the LUKS disk encryption key in plaintext. While successful exploitation results in full compromise of the encrypted disk volume, the attack requires invasive physical access, including opening the device and attaching external equipment to the SPI bus. Remote exploitation is not possible, and the attack does not affect any downstream systems."
}
],
"value": "A Missing Required Cryptographic Step vulnerability has been identified in Moxa\u0027s embedded Linux firmware for industrial computers and controllers. This vulnerability represents an incomplete remediation of CVE-2026-0714. The firmware introduced TPM2 parameter encryption as a countermeasure against CVE-2026-0714. However, an omission in the authorization session configuration causes the parameter encryption to provide no effective protection.\u00a0An attacker with invasive physical access to the device can still capture TPM communications on the SPI bus and derive the LUKS disk encryption key in plaintext. While successful exploitation results in full compromise of the encrypted disk volume, the attack requires invasive physical access, including opening the device and attaching external equipment to the SPI bus. Remote exploitation is not possible, and the attack does not affect any downstream systems."
}
],
"impacts": [
{
"capecId": "CAPEC-699",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-699: Eavesdropping on a Monitor"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "PHYSICAL",
"baseScore": 7,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-325",
"description": "CWE-325: Missing Cryptographic Step",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-12T10:00:33.056Z",
"orgId": "2e0a0ee2-d866-482a-9f5e-ac03d156dbaa",
"shortName": "Moxa"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-266240-cve-2026-9266-missing-required-cryptographic-step-vulnerability-in-industrial-computers"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Please refer to Moxa\u0027s security advisory."
}
],
"value": "Please refer to Moxa\u0027s security advisory."
}
],
"source": {
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "2e0a0ee2-d866-482a-9f5e-ac03d156dbaa",
"assignerShortName": "Moxa",
"cveId": "CVE-2026-9266",
"datePublished": "2026-06-12T10:00:33.056Z",
"dateReserved": "2026-05-22T02:41:04.026Z",
"dateUpdated": "2026-06-12T13:29:34.626Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-0715 (GCVE-0-2026-0715)
Vulnerability from cvelistv5 – Published: 2026-02-05 17:01 – Updated: 2026-02-05 17:34
VLAI
Summary
Moxa Arm-based industrial computers running Moxa Industrial Linux Secure use a device-unique bootloader password provided on the device. An attacker with physical access to the device could use this information to access the bootloader menu via a serial interface. Access to the bootloader menu does not allow full system takeover or privilege escalation. The bootloader enforces digital signature verification and only permits flashing of Moxa-signed images. As a result, an attacker cannot install malicious firmware or execute arbitrary code. The primary impact is limited to a potential temporary denial-of-service condition if a valid image is reflashed. Remote exploitation is not possible.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-522 - Insufficiently Protected Credentials
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.moxa.com/en/support/product-support/s… | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Moxa | UC-1200A Series |
Affected:
1.0 , ≤ 1.4
(custom)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-0715",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-05T17:33:53.012256Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-05T17:34:04.225Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "UC-1200A Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "1.4",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Cyloq"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eMoxa Arm-based industrial computers running Moxa Industrial Linux Secure use a device-unique bootloader password provided on the device. An attacker with \u003c/span\u003e\u003cstrong\u003ephysical access\u003c/strong\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;to the device could use this information to access the bootloader menu via a serial interface. \u0026nbsp;Access to the bootloader menu \u003c/span\u003e\u003cstrong\u003edoes not allow full system takeover or privilege escalation\u003c/strong\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e. The bootloader enforces digital signature verification and only permits flashing of \u003c/span\u003e\u003cstrong\u003eMoxa-signed images\u003c/strong\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e. As a result, an attacker cannot install malicious firmware or execute arbitrary code. The primary impact is limited to a potential \u003c/span\u003e\u003cstrong\u003etemporary denial-of-service condition\u003c/strong\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;if a valid image is reflashed. \u003c/span\u003e\u003cstrong\u003eRemote exploitation is not possible\u003c/strong\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Moxa Arm-based industrial computers running Moxa Industrial Linux Secure use a device-unique bootloader password provided on the device. An attacker with physical access\u00a0to the device could use this information to access the bootloader menu via a serial interface. \u00a0Access to the bootloader menu does not allow full system takeover or privilege escalation. The bootloader enforces digital signature verification and only permits flashing of Moxa-signed images. As a result, an attacker cannot install malicious firmware or execute arbitrary code. The primary impact is limited to a potential temporary denial-of-service condition\u00a0if a valid image is reflashed. Remote exploitation is not possible."
}
],
"impacts": [
{
"capecId": "CAPEC-102",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-102: Session Sidejacking"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "PHYSICAL",
"baseScore": 7,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-522",
"description": "CWE-522: Insufficiently Protected Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-05T17:01:20.476Z",
"orgId": "2e0a0ee2-d866-482a-9f5e-ac03d156dbaa",
"shortName": "Moxa"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-255121-cve-2026-0714-cve-2026-0715-multiple-vulnerabilities-in-industrial-computers"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Refer to\u0026nbsp;\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.moxa.com/en/support/product-support/security-advisory/mpsa-255121-cve-2026-0714-cve-2026-0715-multiple-vulnerabilities-in-industrial-computers\"\u003ehttps://www.moxa.com/en/support/product-support/security-advisory/mpsa-255121-cve-2026-0714-cve-2026...\u003c/a\u003e"
}
],
"value": "Refer to\u00a0 https://www.moxa.com/en/support/product-support/security-advisory/mpsa-255121-cve-2026-0714-cve-2026... https://www.moxa.com/en/support/product-support/security-advisory/mpsa-255121-cve-2026-0714-cve-2026-0715-multiple-vulnerabilities-in-industrial-computers"
}
],
"source": {
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "2e0a0ee2-d866-482a-9f5e-ac03d156dbaa",
"assignerShortName": "Moxa",
"cveId": "CVE-2026-0715",
"datePublished": "2026-02-05T17:01:20.476Z",
"dateReserved": "2026-01-08T10:25:24.767Z",
"dateUpdated": "2026-02-05T17:34:04.225Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-0714 (GCVE-0-2026-0714)
Vulnerability from cvelistv5 – Published: 2026-02-05 16:58 – Updated: 2026-02-05 17:28
VLAI
Summary
A physical attack vulnerability exists in certain Moxa industrial computers using TPM-backed LUKS full-disk encryption on Moxa Industrial Linux 3, where the discrete TPM is connected to the CPU via an SPI bus. Exploitation requires invasive physical access, including opening the device and attaching external equipment to the SPI bus to capture TPM communications. If successful, the captured data may allow offline decryption of eMMC contents. This attack cannot be performed through brief or opportunistic physical access and requires extended physical access, possession of the device, appropriate equipment, and sufficient time for signal capture and analysis. Remote exploitation is not possible.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-319 - Cleartext Transmission of Sensitive Information
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.moxa.com/en/support/product-support/s… | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Moxa | UC-1200A Series |
Affected:
1.0 , ≤ 1.4
(custom)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-0714",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-05T17:27:16.212381Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-05T17:28:18.287Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "UC-1200A Series",
"vendor": "Moxa",
"versions": [
{
"lessThanOrEqual": "1.4",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Cyloq"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA physical attack vulnerability exists in certain Moxa industrial computers using \u003c/span\u003e\u003cstrong\u003eTPM-backed LUKS full-disk encryption\u003c/strong\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;on \u003c/span\u003e\u003cstrong\u003eMoxa Industrial Linux 3\u003c/strong\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e, where the discrete TPM is connected to the CPU via an SPI bus. Exploitation requires \u003c/span\u003e\u003cstrong\u003einvasive physical access\u003c/strong\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e, including opening the device and attaching external equipment to the SPI bus to capture TPM communications. If successful, the captured data \u003c/span\u003e\u003cstrong\u003emay allow offline decryption of eMMC contents\u003c/strong\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e. This attack \u003c/span\u003e\u003cstrong\u003ecannot be performed through brief or opportunistic physical access\u003c/strong\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;and requires extended physical access, possession of the device, appropriate equipment, and sufficient time for signal capture and analysis. \u003c/span\u003e\u003cstrong\u003eRemote exploitation is not possible\u003c/strong\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "A physical attack vulnerability exists in certain Moxa industrial computers using TPM-backed LUKS full-disk encryption\u00a0on Moxa Industrial Linux 3, where the discrete TPM is connected to the CPU via an SPI bus. Exploitation requires invasive physical access, including opening the device and attaching external equipment to the SPI bus to capture TPM communications. If successful, the captured data may allow offline decryption of eMMC contents. This attack cannot be performed through brief or opportunistic physical access\u00a0and requires extended physical access, possession of the device, appropriate equipment, and sufficient time for signal capture and analysis. Remote exploitation is not possible."
}
],
"impacts": [
{
"capecId": "CAPEC-401",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-401: Physically Hacking Hardware"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "PHYSICAL",
"baseScore": 7,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-319",
"description": "CWE-319: Cleartext Transmission of Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-05T16:58:50.181Z",
"orgId": "2e0a0ee2-d866-482a-9f5e-ac03d156dbaa",
"shortName": "Moxa"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-255121-cve-2026-0714-cve-2026-0715-multiple-vulnerabilities-in-industrial-computers"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Refer to\u0026nbsp;\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.moxa.com/en/support/product-support/security-advisory/mpsa-255121-cve-2026-0714-cve-2026-0715-multiple-vulnerabilities-in-industrial-computers\"\u003ehttps://www.moxa.com/en/support/product-support/security-advisory/mpsa-255121-cve-2026-0714-cve-2026...\u003c/a\u003e"
}
],
"value": "Refer to\u00a0 https://www.moxa.com/en/support/product-support/security-advisory/mpsa-255121-cve-2026-0714-cve-2026... https://www.moxa.com/en/support/product-support/security-advisory/mpsa-255121-cve-2026-0714-cve-2026-0715-multiple-vulnerabilities-in-industrial-computers"
}
],
"source": {
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "2e0a0ee2-d866-482a-9f5e-ac03d156dbaa",
"assignerShortName": "Moxa",
"cveId": "CVE-2026-0714",
"datePublished": "2026-02-05T16:58:50.181Z",
"dateReserved": "2026-01-08T10:25:22.303Z",
"dateUpdated": "2026-02-05T17:28:18.287Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CERTFR-2026-AVI-0743
Vulnerability from certfr_avis - Published: 2026-06-12 - Updated: 2026-06-12
Une vulnérabilité a été découverte dans les produits Moxa. Elle permet à un attaquant de provoquer une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Moxa | UC-4400A Series | séries UC-4400A versions antérieures à MIL3.4.1 sans les derniers correctifs de sécurité | ||
| Moxa | UC-2200A Series | séries UC-2200A versions antérieures à MIL4.0.0 sans les derniers correctifs de sécurité | ||
| Moxa | UC-2200A Series | séries UC-2200A versions antérieures à MIL3.4.1 sans les derniers correctifs de sécurité | ||
| Moxa | UC-3400A Series | séries UC-3400A versions antérieures à MIL4.0.0 sans les derniers correctifs de sécurité | ||
| Moxa | V1200 Series | séries V1200 versions antérieures à MIL3 sans les derniers correctifs de sécurité | ||
| Moxa | UC-4400A Series | séries UC-4400A versions antérieures à MIL4.0.0 sans les derniers correctifs de sécurité | ||
| Moxa | V2406C Series | modèles V2406C WL toutes versions | ||
| Moxa | V3200 Series | séries V3200 versions antérieures à MIL3 sans les derniers correctifs de sécurité | ||
| Moxa | V3400 Series | séries V3400 versions antérieures à MIL sans les derniers correctifs de sécurité | ||
| Moxa | UC-1200A Series | séries UC-1200A versions antérieures à MIL3.4.1 sans les derniers correctifs de sécurité | ||
| Moxa | UC-1200A Series | séries UC-1200A versions antérieures à MIL4.0.0 sans les derniers correctifs de sécurité | ||
| Moxa | UC-8200 Series | séries UC-8200 versions antérieures à MIL3.4.1 sans les derniers correctifs de sécurité | ||
| Moxa | UC-3400A Series | séries UC-3400A versions antérieures à MIL3.4.1 sans les derniers correctifs de sécurité |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "s\u00e9ries UC-4400A versions ant\u00e9rieures \u00e0 MIL3.4.1 sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "UC-4400A Series",
"vendor": {
"name": "Moxa",
"scada": true
}
}
},
{
"description": "s\u00e9ries UC-2200A versions ant\u00e9rieures \u00e0 MIL4.0.0 sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "UC-2200A Series",
"vendor": {
"name": "Moxa",
"scada": true
}
}
},
{
"description": "s\u00e9ries UC-2200A versions ant\u00e9rieures \u00e0 MIL3.4.1 sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "UC-2200A Series",
"vendor": {
"name": "Moxa",
"scada": true
}
}
},
{
"description": "s\u00e9ries UC-3400A versions ant\u00e9rieures \u00e0 MIL4.0.0 sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "UC-3400A Series",
"vendor": {
"name": "Moxa",
"scada": true
}
}
},
{
"description": "s\u00e9ries V1200 versions ant\u00e9rieures \u00e0 MIL3 sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "V1200 Series",
"vendor": {
"name": "Moxa",
"scada": true
}
}
},
{
"description": "s\u00e9ries UC-4400A versions ant\u00e9rieures \u00e0 MIL4.0.0 sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "UC-4400A Series",
"vendor": {
"name": "Moxa",
"scada": true
}
}
},
{
"description": "mod\u00e8les V2406C WL toutes versions",
"product": {
"name": "V2406C Series",
"vendor": {
"name": "Moxa",
"scada": true
}
}
},
{
"description": "s\u00e9ries V3200 versions ant\u00e9rieures \u00e0 MIL3 sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "V3200 Series",
"vendor": {
"name": "Moxa",
"scada": true
}
}
},
{
"description": "s\u00e9ries V3400 versions ant\u00e9rieures \u00e0 MIL sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "V3400 Series",
"vendor": {
"name": "Moxa",
"scada": true
}
}
},
{
"description": "s\u00e9ries UC-1200A versions ant\u00e9rieures \u00e0 MIL3.4.1 sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "UC-1200A Series",
"vendor": {
"name": "Moxa",
"scada": true
}
}
},
{
"description": "s\u00e9ries UC-1200A versions ant\u00e9rieures \u00e0 MIL4.0.0 sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "UC-1200A Series",
"vendor": {
"name": "Moxa",
"scada": true
}
}
},
{
"description": "s\u00e9ries UC-8200 versions ant\u00e9rieures \u00e0 MIL3.4.1 sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "UC-8200 Series",
"vendor": {
"name": "Moxa",
"scada": true
}
}
},
{
"description": "s\u00e9ries UC-3400A versions ant\u00e9rieures \u00e0 MIL3.4.1 sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "UC-3400A Series",
"vendor": {
"name": "Moxa",
"scada": true
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2026-9266",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-9266"
}
],
"initial_release_date": "2026-06-12T00:00:00",
"last_revision_date": "2026-06-12T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0743",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-06-12T00:00:00.000000"
}
],
"risks": [
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans les produits Moxa. Elle permet \u00e0 un attaquant de provoquer une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Vuln\u00e9rabilit\u00e9 dans les produits Moxa",
"vendor_advisories": [
{
"published_at": "2026-06-12",
"title": "Bulletin de s\u00e9curit\u00e9 Moxa MPSA-266240",
"url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-266240-cve-2026-9266-missing-required-cryptographic-step-vulnerability-in-industrial-computers"
}
]
}
CERTFR-2026-AVI-0125
Vulnerability from certfr_avis - Published: 2026-02-06 - Updated: 2026-02-06
De multiples vulnérabilités ont été découvertes dans les produits Moxa. Elles permettent à un attaquant de provoquer une atteinte à la confidentialité des données et un déni de service.
L'éditeur, dans son bulletin de sécurité, fournit des recommandations de diminution des risques associés pour les produits V2406C WL Models.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Moxa | N/A | V1200 Series versions antérieures ou égales à v1.2.0 sans le correctif de sécurité 5.10.234-cip57-rt25-moxa9-1+deb11u2 | ||
| Moxa | UC-1200A Series | UC-1200A Series versions antérieures ou égales à v1.4 sans le correctif de sécurité 5.10.234-cip57-rt25-moxa9-1+deb11u2 | ||
| Moxa | N/A | UC-8200 Series versions antérieures ou égales à v1.4 sans le correctif de sécurité 5.10.234-cip57-rt25-moxa9-1+deb11u2 | ||
| Moxa | UC-2200A Series | UC-2200A Series versions antérieures ou égales à v1.4 sans le correctif de sécurité 5.10.234-cip57-rt25-moxa9-1+deb11u2 | ||
| Moxa | N/A | UC-4400A Series versions antérieures ou égales à v1.4 sans le correctif de sécurité 5.10.234-cip57-rt25-moxa9-1+deb11u2 | ||
| Moxa | N/A | UC-3400A Series versions antérieures ou égales à v1.4 sans le correctif de sécurité 5.10.234-cip57-rt25-moxa9-1+deb11u2 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "V1200 Series versions ant\u00e9rieures ou \u00e9gales \u00e0 v1.2.0 sans le correctif de s\u00e9curit\u00e9 5.10.234-cip57-rt25-moxa9-1+deb11u2",
"product": {
"name": "N/A",
"vendor": {
"name": "Moxa",
"scada": true
}
}
},
{
"description": "UC-1200A Series versions ant\u00e9rieures ou \u00e9gales \u00e0 v1.4 sans le correctif de s\u00e9curit\u00e9 5.10.234-cip57-rt25-moxa9-1+deb11u2 ",
"product": {
"name": "UC-1200A Series",
"vendor": {
"name": "Moxa",
"scada": true
}
}
},
{
"description": "UC-8200 Series versions ant\u00e9rieures ou \u00e9gales \u00e0 v1.4 sans le correctif de s\u00e9curit\u00e9 5.10.234-cip57-rt25-moxa9-1+deb11u2 ",
"product": {
"name": "N/A",
"vendor": {
"name": "Moxa",
"scada": true
}
}
},
{
"description": "UC-2200A Series versions ant\u00e9rieures ou \u00e9gales \u00e0 v1.4 sans le correctif de s\u00e9curit\u00e9 5.10.234-cip57-rt25-moxa9-1+deb11u2 ",
"product": {
"name": "UC-2200A Series",
"vendor": {
"name": "Moxa",
"scada": true
}
}
},
{
"description": "UC-4400A Series versions ant\u00e9rieures ou \u00e9gales \u00e0 v1.4 sans le correctif de s\u00e9curit\u00e9 5.10.234-cip57-rt25-moxa9-1+deb11u2 ",
"product": {
"name": "N/A",
"vendor": {
"name": "Moxa",
"scada": true
}
}
},
{
"description": "UC-3400A Series versions ant\u00e9rieures ou \u00e9gales \u00e0 v1.4 sans le correctif de s\u00e9curit\u00e9 5.10.234-cip57-rt25-moxa9-1+deb11u2 ",
"product": {
"name": "N/A",
"vendor": {
"name": "Moxa",
"scada": true
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2026-0715",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0715"
},
{
"name": "CVE-2026-0714",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0714"
}
],
"initial_release_date": "2026-02-06T00:00:00",
"last_revision_date": "2026-02-06T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0125",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-02-06T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Moxa. Elles permettent \u00e0 un attaquant de provoquer une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et un d\u00e9ni de service.\u003c/br\u003e\nL\u0027\u00e9diteur, dans son bulletin de s\u00e9curit\u00e9, fournit des recommandations de diminution des risques associ\u00e9s pour les produits V2406C WL Models. ",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Moxa",
"vendor_advisories": [
{
"published_at": "2026-02-06",
"title": "Bulletin de s\u00e9curit\u00e9 Moxa MPSA-255121",
"url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-255121-cve-2026-0714-cve-2026-0715-multiple-vulnerabilities-in-industrial-computers"
}
]
}