moxa

Top products

The 15 most recently published vulnerabilities affecting moxa.

• CVE-2026-4483An exposed IOCTL with an  insufficient access control vulnerability has been identified in the utility, MxGeneralIo, for Moxa’s industrial x86 computers. The affected utility, MxGeneralIo, expo...6.0Apr 8, 2026
• CVE-2026-0715Moxa Arm-based industrial computers running Moxa Industrial Linux Secure use a device-unique bootloader password provided on the device. An attacker with physical access to the device could use th...6.8Feb 5, 2026
• CVE-2026-0714A physical attack vulnerability exists in certain Moxa industrial computers using TPM-backed LUKS full-disk encryption on Moxa Industrial Linux 3, where the discrete TPM is connected to the CPU vi...6.8Feb 5, 2026
• CVE-2025-15017A vulnerability exists in serial device servers where active debug code remains enabled in the UART interface. An attacker with physical access to the device can directly connect to the UART interf...6.8Dec 31, 2025
• CVE-2025-1977The NPort 6100-G2/6200-G2 Series is affected by an execution with unnecessary privileges vulnerability (CVE-2025-1977) that allows an authenticated user with read-only access to perform unauthorize...8.8Dec 31, 2025
• CVE-2025-1680An acceptance of extraneous untrusted data with trusted data vulnerability has been identified in Moxa’s Ethernet switches, which allows attackers with administrative privileges to manipulate HTT...3.5Oct 23, 2025
• CVE-2025-1679Cross-site Scripting has been identified in Moxa’s Ethernet switches, which allows an authenticated administrative attacker to inject malicious scripts to an affected device’s web service that ...5.9Oct 23, 2025
• CVE-2025-6950An Use of Hard-coded Credentials vulnerability has been identified in Moxa’s network security appliances and routers. The system employs a hard-coded secret key to sign JSON Web Tokens (JWT) used...9.8Oct 17, 2025
• CVE-2025-6949An Execution with Unnecessary Privileges vulnerability has been identified in Moxa’s network security appliances and routers. A critical authorization flaw in the API allows an authenticated, low...8.8Oct 17, 2025
• CVE-2025-6894An Execution with Unnecessary Privileges vulnerability has been identified in Moxa’s network security appliances and routers. A flaw in the API authorization logic of the affected device allows a...5.4Oct 17, 2025
• CVE-2025-6893An Execution with Unnecessary Privileges vulnerability has been identified in Moxa’s network security appliances and routers. A flaw in broken access control has been identified in the /api/v1/se...8.8Oct 17, 2025
• CVE-2025-6892An Incorrect Authorization vulnerability has been identified in Moxa’s network security appliances and routers. A flaw in the API authentication mechanism allows unauthorized access to protected ...8.8Oct 17, 2025
• CVE-2025-5191Unquoted Search Path Vulnerability in the Utility for Industrial Computers (Windows)7.8Aug 25, 2025
• CVE-2025-0676Commend Injection Leading to Privilege Escalation7.2Apr 2, 2025
• CVE-2025-0415Command Injection in NTP Setting9.1Apr 2, 2025