N/A

Moxa Arm-based industrial computers running Moxa Industrial Linux Secure use a device-unique bootloader password provided on the device. An attacker with physical access to the device could use this information to access the bootloader menu via a serial interface.  Access to the bootloader menu does not allow full system takeover or privilege escalation. The bootloader enforces digital signature verification and only permits flashing of Moxa-signed images. As a result, an attacker cannot install malicious firmware or execute arbitrary code. The primary impact is limited to a potential temporary denial-of-service condition if a valid image is reflashed. Remote exploitation is not possible.

N/A

不充分的凭证保护机制

MOXA UC Series 安全漏洞

MOXA UC Series是中国摩莎（MOXA）公司的一系列计算机。 MOXA UC Series存在安全漏洞，该漏洞源于设备独特的引导加载程序密码可能被物理访问者利用，可能导致临时拒绝服务。

N/A

N/A