CVE-2026-0715
moderate-risk
Published 2026-02-05
Moxa Arm-based industrial computers running Moxa Industrial Linux Secure use a device-unique bootloader password provided on the device. An attacker with physical access to the device could use this information to access the bootloader menu via a serial interface. Access to the bootloader menu does not allow full system takeover or privilege escalation. The bootloader enforces digital signature verification and only permits flashing of Moxa-signed images. As a result, an attacker cannot install malicious firmware or execute arbitrary code. The primary impact is limited to a potential temporary denial-of-service condition if a valid image is reflashed. Remote exploitation is not possible.
Do I need to act?
-
0.01% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
6
CVSS 6.8/10
Medium
PHYSICAL
/ LOW complexity
Affected Products (20)
Uc-1222A Firmware
Uc-2222A-T-Us Firmware
Uc-2222A-T Firmware
Uc-2222A-T-Ap Firmware
Uc-2222A-T-Eu Firmware
Uc-3434A-T-Lte-Wifi Firmware
Uc-3424A-T-Lte Firmware
Uc-3420A-T-Lte Firmware
Uc-3430A-T-Lte-Wifi Firmware
Uc-4450A-T-5G Firmware
Uc-4434A-I-T Firmware
Uc-4410A-T Firmware
Uc-4454A-T-5G Firmware
Uc-4414A-I-T Firmware
Uc-4430A-T Firmware
Uc-8210-T-Lx-S Firmware
Uc-8220-T-Lx-Eu-S Firmware
Uc-8220-T-Lx-Ap-S Firmware
Uc-8220-T-Lx-Us-S Firmware
Uc-8220-T-Lx Firmware
Affected Vendors
References (1)
45
/ 100
moderate-risk
Severity
22/34 · High
Exploitability
0/34 · Minimal
Exposure
23/34 · High