Description

The NPort 6100-G2/6200-G2 Series is affected by an execution with unnecessary privileges vulnerability (CVE-2025-1977) that allows an authenticated user with read-only access to perform unauthorized configuration changes through the MCC (Moxa CLI Configuration) tool. The issue can be exploited remotely over the network with low-attack complexity and no user interaction but requires specific system conditions or configurations to be present. Successful exploitation may result in changes to device settings that were not intended to be permitted for the affected user role, potentially leading to a high impact on the confidentiality, integrity, and availability of the device. No impact on other systems has been identified.

INFO

Published Date :

2025-12-31T07:23:28.569Z

Last Modified :

2025-12-31T16:08:58.114Z

Source :

Moxa
AFFECTED PRODUCTS

The following products are affected by CVE-2025-1977 vulnerability.

Vendors Products
Moxa
  • Nport 6100-g2 Series
  • Nport 6200-g2 Series
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-1977.

URL Resource
https://www.moxa.com/en/support/product-support/security-advisory/mpsa-251731-cve-2025-1977-cve-2025-2026-multiple-vulnerabilities-in-nport-6100-g2-6200-g2-series cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Attack Requirements
Privileges Required
User Interaction
VS Confidentiality
VS Integrity
VS Availability
SS Confidentiality
SS Integrity
SS Availability