Description

Moxa Arm-based industrial computers running Moxa Industrial Linux Secure use a device-unique bootloader password provided on the device. An attacker with physical access to the device could use this information to access the bootloader menu via a serial interface.  Access to the bootloader menu does not allow full system takeover or privilege escalation. The bootloader enforces digital signature verification and only permits flashing of Moxa-signed images. As a result, an attacker cannot install malicious firmware or execute arbitrary code. The primary impact is limited to a potential temporary denial-of-service condition if a valid image is reflashed. Remote exploitation is not possible.

INFO

Published Date :

2026-02-05T17:01:20.476Z

Last Modified :

2026-02-05T17:34:04.225Z

Source :

Moxa
AFFECTED PRODUCTS

The following products are affected by CVE-2026-0715 vulnerability.

Vendors Products
Moxa
  • Uc-1200a Series
  • Uc-1222a
  • Uc-1222a Firmware
  • Uc-2222a-t
  • Uc-2222a-t-ap
  • Uc-2222a-t-ap Firmware
  • Uc-2222a-t-eu
  • Uc-2222a-t-eu Firmware
  • Uc-2222a-t-us
  • Uc-2222a-t-us Firmware
  • Uc-2222a-t Firmware
  • Uc-3420a-t-lte
  • Uc-3420a-t-lte Firmware
  • Uc-3424a-t-lte
  • Uc-3424a-t-lte Firmware
  • Uc-3430a-t-lte-wifi
  • Uc-3430a-t-lte-wifi Firmware
  • Uc-3434a-t-lte-wifi
  • Uc-3434a-t-lte-wifi Firmware
  • Uc-4410a-t
  • Uc-4410a-t Firmware
  • Uc-4414a-i-t
  • Uc-4414a-i-t Firmware
  • Uc-4430a-t
  • Uc-4430a-t Firmware
  • Uc-4434a-i-t
  • Uc-4434a-i-t Firmware
  • Uc-4450a-t-5g
  • Uc-4450a-t-5g Firmware
  • Uc-4454a-t-5g
  • Uc-4454a-t-5g Firmware
  • Uc-8210-t-lx-s
  • Uc-8210-t-lx-s Firmware
  • Uc-8220-t-lx
  • Uc-8220-t-lx-ap-s
  • Uc-8220-t-lx-ap-s Firmware
  • Uc-8220-t-lx-eu-s
  • Uc-8220-t-lx-eu-s Firmware
  • Uc-8220-t-lx-us-s
  • Uc-8220-t-lx-us-s Firmware
  • Uc-8220-t-lx Firmware
  • V1202-ct-t
  • V1202-ct-t Firmware
  • V1222-ct-t
  • V1222-ct-t Firmware
  • V1222-w-ct-t
  • V1222-w-ct-t Firmware
  • V2406c-kl1-ct-t
  • V2406c-kl1-ct-t Firmware
  • V2406c-kl1-t
  • V2406c-kl1-t Firmware
  • V2406c-kl3-t
  • V2406c-kl3-t Firmware
  • V2406c-kl5-t
  • V2406c-kl5-t Firmware
  • V2406c-kl7-ct-t
  • V2406c-kl7-ct-t Firmware
  • V2406c-kl7-t
  • V2406c-kl7-t Firmware
  • V2406c-wl1-ct-t
  • V2406c-wl1-ct-t Firmware
  • V2406c-wl1-t
  • V2406c-wl1-t Firmware
  • V2406c-wl3-t
  • V2406c-wl3-t Firmware
  • V2406c-wl5-t
  • V2406c-wl5-t Firmware
  • V2406c-wl7-ct-t
  • V2406c-wl7-ct-t Firmware
  • V2406c-wl7-t
  • V2406c-wl7-t Firmware
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-0715.

URL Resource
https://www.moxa.com/en/support/product-support/security-advisory/mpsa-255121-cve-2026-0714-cve-2026-0715-multiple-vulnerabilities-in-industrial-computers cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Attack Requirements
Privileges Required
User Interaction
VS Confidentiality
VS Integrity
VS Availability
SS Confidentiality
SS Integrity
SS Availability
Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact