CVE-2025-15017

CVSS 7 HIGHEPSS 0.2%CWE-489

Vexday Risk Score

21Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS 7EPSS 0.2%KEV nãoPoC —Nuclei —Metasploit —Patch referenciado

Lifecycle

31 Dec 2025Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

A vulnerability exists in serial device servers where active debug code remains enabled in the UART interface. An attacker with physical access to the device can directly connect to the UART interface and, without authentication, user interaction, or execution conditions, gain unauthorized access to internal debug functionality. Exploitation is low complexity and allows an attacker to execute privileged operations and access sensitive system resources, resulting in a high impact to the confidentiality, integrity, and availability of the affected device. No security impact to external or dependent systems has been identified.

CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected products

Moxa · NPort 5000AI-M12 Series Moxa · NPort 5100A Series Moxa · NPort 5100 Series Moxa · NPort 5200A Series Moxa · NPort 5200 Series Moxa · NPort 5400 Series Moxa · NPort 5600-DT Series Moxa · NPort 5600 Series Moxa · NPort IA5000A Series Moxa · NPort IA5000-G2 Series Moxa · NPort IA5000 Series

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://www.moxa.com/en/support/product-support/security-advisory/mpsa-257331-cve-2025-15017-active-debug-code-vulnerability-in-serial-device-servers