As of June 15, 2022, this site no longer supports Internet Explorer. Please use another browser for the best experience on our site.

Product support

Security Advisories

SUMMARY

Moxa UC Series Improper Physical Access Control Vulnerability

Successful exploitation of the improper physical access control vulnerability could allow an attacker who has gained physical access to the device to take full control using the console port.

In order for this vulnerability to be exploited, an attacker has to use a cable to access the device’s bootloader menu. Therefore, the device is vulnerable if it is deployed in an area without proper physical security (e.g., in an open space without access control).

Moxa’s PSIRT would like to remind organizations to perform a proper impact analysis and risk assessment prior to deploying defensive measures, such as the security patch.

The identified vulnerability types and potential impacts are shown below:

Item Vulnerability Type Impact
1 Improper Physical Access Control
(CVE 2023-1257)
An attacker with physical access to the device can restart the device and gain access to its BIOS. Then, command line options can be altered, allowing the attacker to access the terminal. From the terminal, the attacker can modify the device authentication files to create a new user profile and gain full access to the system.
AFFECTED PRODUCTS AND SOLUTIONS

Affected Products:

The affected products and firmware versions are shown below.

Product Series Affected Bootloader Versions
UC-8580 Series V1.1
UC-8540 Series V1.0 to V1.2
UC-8410A Series V2.2
UC-8200 Series V1.0 to V2.4
UC-8100A-ME-T Series V1.0 to V1.1
UC-8100 Series V1.2
UC-5100 Series V1.2
UC-3100 Series V1.2 to V2.0
UC-2100 Series V1.3 to V1.5
UC-2100-W Series V1.3 to V1.5

 

Solutions:

Moxa has developed appropriate solutions to address the vulnerabilities. The solutions for affected products are shown below.

Product Series Solutions
All affected product series listed above Please contact Moxa Technical Support for the security patch.

Mitigations:

Install the device in a location with proper physical security such as entry control with a security guard, or a locked cabinet.

Acknowledgment:

We would like to express our appreciation to Casper Bladt of ICSrange.com research team for reporting the vulnerability, working with us to help enhance the security of our products, and helping us provide a better service to our customers.

 

Revision History:

VERSION DESCRIPTION RELEASE DATE
1.0 First Release Nov 29, 2022
1.1 Update the affected bootloader version of UC-8100 series Feb 9, 2023
1.2 Change CVE ID Mar 16, 2023

Relevant Products

UC-2100 Series · UC-2100-W Series · UC-3100 Series · UC-5100 Series · UC-8100 Series · UC-8100A-ME-T Series · UC-8200 Series · UC-8410A Series · UC-8540 Series · UC-8580 Series ·

  •   Print this page
  • You can manage and share your saved list in My Moxa
Let’s get that fixed

If you are concerned about a potential cybersecurity vulnerability, please contact us and one of technical support staff will get in touch with you.

Report a Vulnerability
Added To Bag
You have some items waiting in your bag; click here to finish your quote!
Feedback