CVE-2025-15017
CVE-2025-15017
A vulnerability exists in serial device servers where active debug code remains enabled in the UART interface. An attacker with physical access to the device can directly connect to the UART interface and, without authentication, user interaction, or execution conditions, gain unauthorized access to internal debug functionality. Exploitation is low complexity and allows an attacker to execute privileged operations and access sensitive system resources, resulting in a high impact to the confidentiality, integrity, and availability of the affected device. No security impact to external or dependent systems has been identified.
CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Produtos afetados
Moxa · NPort 5000AI-M12 SeriesMoxa · NPort 5100A SeriesMoxa · NPort 5100 SeriesMoxa · NPort 5200A SeriesMoxa · NPort 5200 SeriesMoxa · NPort 5400 SeriesMoxa · NPort 5600-DT SeriesMoxa · NPort 5600 SeriesMoxa · NPort IA5000A SeriesMoxa · NPort IA5000-G2 SeriesMoxa · NPort IA5000 SeriesQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →