{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-1257", "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "state": "PUBLISHED", "assignerShortName": "icscert", "dateReserved": "2023-03-07T16:16:20.728Z", "datePublished": "2023-03-07T16:54:21.053Z", "dateUpdated": "2025-01-16T21:55:20.265Z"}, "containers": {"cna": {"title": "CVE-2023-1257", "descriptions": [{"lang": "en", "value": "An attacker with physical access to the affected Moxa UC Series devices can initiate a restart of the device and gain access to its BIOS. Command line options can then be altered, allowing the attacker to access the terminal. From the terminal, the attacker can modify the device\u2019s authentication files to create a new user and gain full access to the system."}], "source": {"discovery": "UNKNOWN"}, "affected": [{"vendor": "MOXA", "product": "UC-8580 Series", "versions": [{"status": "affected", "version": "V1.1"}]}, {"vendor": "MOXA", "product": "UC-8540 Series", "versions": [{"status": "affected", "version": "V1.0 to V1.2"}]}, {"vendor": "MOXA", "product": "UC-8410A Series", "versions": [{"status": "affected", "version": "V2.2"}]}, {"vendor": "MOXA", "product": "UC-8200 Series", "versions": [{"status": "affected", "version": "V1.0 to V2.4"}]}, {"vendor": "MOXA", "product": "UC-8100A-ME-T Series", "versions": [{"status": "affected", "version": "V1.0 to V1.1"}]}, {"vendor": "MOXA", "product": "UC-8100 Series", "versions": [{"status": "affected", "version": "V1.2"}]}, {"vendor": "MOXA", "product": "UC-5100 Series", "versions": [{"status": "affected", "version": "V1.2"}]}, {"vendor": "MOXA", "product": "UC-3100 Series", "versions": [{"status": "affected", "version": "V1.2 to V2.0"}]}, {"vendor": "MOXA", "product": "UC-2100 Series", "versions": [{"status": "affected", "version": "V1.3 to V1.5"}]}, {"vendor": "MOXA", "product": "UC-2100-W Series", "versions": [{"status": "affected", "version": "V1.3 to V1.5"}]}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-1263"}]}], "references": [{"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-333-04"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "attackVector": "PHYSICAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "baseScore": 7.6, "baseSeverity": "HIGH"}}], "x_generator": {"engine": "VINCE 2.0.6", "env": "prod", "origin": "https://cveawg.mitre.org/api/cve/CVE-2023-1257"}, "providerMetadata": {"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert", "dateUpdated": "2023-03-07T16:54:21.053Z"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T05:40:59.879Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-333-04", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-01-16T20:31:37.359721Z", "id": "CVE-2023-1257", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-01-16T21:55:20.265Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-333-04", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T05:40:59.879Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-1257", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-01-16T20:31:37.359721Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-01-16T20:31:38.941Z"}}], "cna": {"title": "CVE-2023-1257", "source": {"discovery": "UNKNOWN"}, "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 7.6, "attackVector": "PHYSICAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "MOXA", "product": "UC-8580 Series", "versions": [{"status": "affected", "version": "V1.1"}]}, {"vendor": "MOXA", "product": "UC-8540 Series", "versions": [{"status": "affected", "version": "V1.0 to V1.2"}]}, {"vendor": "MOXA", "product": "UC-8410A Series", "versions": [{"status": "affected", "version": "V2.2"}]}, {"vendor": "MOXA", "product": "UC-8200 Series", "versions": [{"status": "affected", "version": "V1.0 to V2.4"}]}, {"vendor": "MOXA", "product": "UC-8100A-ME-T Series", "versions": [{"status": "affected", "version": "V1.0 to V1.1"}]}, {"vendor": "MOXA", "product": "UC-8100 Series", "versions": [{"status": "affected", "version": "V1.2"}]}, {"vendor": "MOXA", "product": "UC-5100 Series", "versions": [{"status": "affected", "version": "V1.2"}]}, {"vendor": "MOXA", "product": "UC-3100 Series", "versions": [{"status": "affected", "version": "V1.2 to V2.0"}]}, {"vendor": "MOXA", "product": "UC-2100 Series", "versions": [{"status": "affected", "version": "V1.3 to V1.5"}]}, {"vendor": "MOXA", "product": "UC-2100-W Series", "versions": [{"status": "affected", "version": "V1.3 to V1.5"}]}], "references": [{"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-333-04"}], "x_generator": {"env": "prod", "engine": "VINCE 2.0.6", "origin": "https://cveawg.mitre.org/api/cve/CVE-2023-1257"}, "descriptions": [{"lang": "en", "value": "An attacker with physical access to the affected Moxa UC Series devices can initiate a restart of the device and gain access to its BIOS. Command line options can then be altered, allowing the attacker to access the terminal. From the terminal, the attacker can modify the device\u2019s authentication files to create a new user and gain full access to the system."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-1263"}]}], "providerMetadata": {"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert", "dateUpdated": "2023-03-07T16:54:21.053Z"}}}, "cveMetadata": {"cveId": "CVE-2023-1257", "state": "PUBLISHED", "dateUpdated": "2025-01-16T21:55:20.265Z", "dateReserved": "2023-03-07T16:16:20.728Z", "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "datePublished": "2023-03-07T16:54:21.053Z", "assignerShortName": "icscert"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-2101-lx_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "9476FEEA-D608-40B7-BAD8-D85E3A433114", "versionEndIncluding": "1.5", "versionStartIncluding": "1.3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-2101-lx:-:*:*:*:*:*:*:*", "matchCriteriaId": "DA09978A-2E63-4E29-A693-F0361951FCFF", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-2102-lx_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "B3786680-F178-4ADC-8085-7DC198A7BDE7", "versionEndIncluding": "1.5", "versionStartIncluding": "1.3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-2102-lx:-:*:*:*:*:*:*:*", "matchCriteriaId": "053D848E-1BB1-4B91-A205-84F83FE57E8F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-2102-t-lx_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "5455BBF9-75C8-4D21-B32E-3CD3C036E001", "versionEndIncluding": "1.5", "versionStartIncluding": "1.3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-2102-t-lx:-:*:*:*:*:*:*:*", "matchCriteriaId": "D45B4C7D-A4D9-420D-A878-8ADB724AF24B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-2104-lx_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "7D451BCD-8067-4AA1-9ED4-FFFD37BB0B52", "versionEndIncluding": "1.5", "versionStartIncluding": "1.3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-2104-lx:-:*:*:*:*:*:*:*", "matchCriteriaId": "D7C374EE-E4C8-469F-BC45-E43F739D3D23", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-2111-lx_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "B8EFDF2E-D2B0-4FA5-9060-BC63A8792853", "versionEndIncluding": "1.5", "versionStartIncluding": "1.3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-2111-lx:-:*:*:*:*:*:*:*", "matchCriteriaId": "F85BA8C3-A65F-4B61-8A94-7B67D236919F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-2112-lx_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "18404A5F-EF72-4236-B9E0-3BF3EE861B3E", "versionEndIncluding": "1.5", "versionStartIncluding": "1.3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-2112-lx:-:*:*:*:*:*:*:*", "matchCriteriaId": "C653CF9A-080A-48B1-81F2-B72D2B4A1504", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-2114-t-lx_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "CDCA0FFC-B0DD-4BED-A39C-6C579F3648A3", "versionEndIncluding": "1.5", "versionStartIncluding": "1.3", "vulnerable": true}, {"criteria": "cpe:2.3:o:moxa:uc-2114-t-lx_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "0538BE2C-D4F4-4C26-A2E6-50CF7AFB3E54", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-2114-t-lx:-:*:*:*:*:*:*:*", "matchCriteriaId": "9862617F-C1E4-4437-98E5-3A9322572C2E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-2116-t-lx_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "49F8203C-B1C6-4175-90B0-C3589DB36C25", "versionEndIncluding": "1.5", "versionStartIncluding": "1.3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-2116-t-lx:-:*:*:*:*:*:*:*", "matchCriteriaId": "EC3535DE-C643-4BB0-A9A4-6B7641570BC1", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-3101-t-ap-lx_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "CCCA2B92-FEC5-4B32-8FE6-EBEC9FAE791A", "versionEndIncluding": "2.0", "versionStartIncluding": "1.2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-3101-t-ap-lx:-:*:*:*:*:*:*:*", "matchCriteriaId": "B3549908-B58E-4053-B3B6-709CAEF2E383", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-3101-t-eu-lx_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "07048618-0EC6-407B-AEF0-F44ED5229F2D", "versionEndIncluding": "2.0", "versionStartIncluding": "1.2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-3101-t-eu-lx:-:*:*:*:*:*:*:*", "matchCriteriaId": "0F011C44-45F4-4147-9237-793C81EDE740", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-3101-t-us-lx_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "A1D9A016-00F0-4488-BCE7-A3BC89C7EE51", "versionEndIncluding": "2.0", "versionStartIncluding": "1.2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-3101-t-us-lx:-:*:*:*:*:*:*:*", "matchCriteriaId": "C4C1ECFC-BFAE-41FD-A281-CDF7D4F50308", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-3111-t-ap-lx_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "E030D12F-012D-4CB3-999F-5BB869A4CFE0", "versionEndIncluding": "2.0", "versionStartIncluding": "1.2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-3111-t-ap-lx:-:*:*:*:*:*:*:*", "matchCriteriaId": "4969D5B4-7704-48C2-B6C6-43AAB4FD4609", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-3111-t-ap-lx-nw_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "1E80201F-7EF4-43BC-8D43-49C3B5E0CD40", "versionEndIncluding": "2.0", "versionStartIncluding": "1.2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-3111-t-ap-lx-nw:-:*:*:*:*:*:*:*", "matchCriteriaId": "B63A3ADE-DFA0-4579-B3CA-4CCDADE0A00D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-3111-t-eu-lx_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "3E16F237-70FA-4856-882C-D5394BD9AA4B", "versionEndIncluding": "2.0", "versionStartIncluding": "1.2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-3111-t-eu-lx:-:*:*:*:*:*:*:*", "matchCriteriaId": "3827809F-C307-46E7-AE94-D108407B81FF", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-3111-t-eu-lx-nw_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "20A7D0F9-ADF9-4598-A47D-AD0151B7C041", "versionEndIncluding": "2.0", "versionStartIncluding": "1.2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-3111-t-eu-lx-nw:-:*:*:*:*:*:*:*", "matchCriteriaId": "C400E9A7-C51B-476F-97B4-5B269A922231", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-3111-t-us-lx_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "0CA63341-F990-4A60-AD4B-538C2CC9E046", "versionEndIncluding": "2.0", "versionStartIncluding": "1.2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-3111-t-us-lx:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5EF2E7B-586A-42DD-A202-068CE7B3495E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-3111-t-us-lx-nw_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "FD3A8DEA-536F-4F85-B686-2201CCF3B16A", "versionEndIncluding": "2.0", "versionStartIncluding": "1.2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-3111-t-us-lx-nw:-:*:*:*:*:*:*:*", "matchCriteriaId": "51BBEAAB-C051-46CC-A7B8-D48BA272775A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-3121-t-ap-lx_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "A0DBB564-6A91-471F-8494-ABEF4B997180", "versionEndIncluding": "2.0", "versionStartIncluding": "1.2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-3121-t-ap-lx:-:*:*:*:*:*:*:*", "matchCriteriaId": "C2B57685-91FC-4125-9C30-5FDD8A049381", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-3121-t-eu-lx_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "E5A011FC-7361-4D20-96E7-5AD06EB76960", "versionEndIncluding": "2.0", "versionStartIncluding": "1.2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-3121-t-eu-lx:-:*:*:*:*:*:*:*", "matchCriteriaId": "B249A63B-AC3E-4342-A7B8-4FF05B0ACC33", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-3121-t-us-lx_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "3661F92D-3F5A-43E6-A7FA-57E25283CCCD", "versionEndIncluding": "2.0", "versionStartIncluding": "1.2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-3121-t-us-lx:-:*:*:*:*:*:*:*", "matchCriteriaId": "F22B234A-8AA0-4CB5-AF97-74320919DCF3", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-5101-lx_firmware:1.2:*:*:*:*:*:*:*", "matchCriteriaId": "60187707-601B-4C5F-A650-4622A8377917", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-5101-lx:-:*:*:*:*:*:*:*", "matchCriteriaId": "DEB51C37-B6B7-4D1B-B4A5-5A5CBC1DC0DE", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-5101-t-lx_firmware:1.2:*:*:*:*:*:*:*", "matchCriteriaId": "48FAD68E-A7ED-4217-ABAD-5B2311B47995", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-5101-t-lx:-:*:*:*:*:*:*:*", "matchCriteriaId": "03DAAE8E-16DF-4046-9867-86105DB279AA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-5102-lx_firmware:1.2:*:*:*:*:*:*:*", "matchCriteriaId": "4E59C5D5-0000-460C-BDEC-33A03414BAD9", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-5102-lx:-:*:*:*:*:*:*:*", "matchCriteriaId": "9C156071-5FA1-43EF-97CF-98385375D8B0", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-5102-t-lx_firmware:1.2:*:*:*:*:*:*:*", "matchCriteriaId": "F6D2831E-83C3-4B34-9611-41562214435C", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-5102-t-lx:-:*:*:*:*:*:*:*", "matchCriteriaId": "286A88C3-FD36-4241-8C48-A54332302050", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-5111-lx_firmware:1.2:*:*:*:*:*:*:*", "matchCriteriaId": "98092E25-C6F3-4B4D-813C-9DAE24847B2A", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-5111-lx:-:*:*:*:*:*:*:*", "matchCriteriaId": "E555662F-D557-4337-B490-C53AF0B2A8C7", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-5111-t-lx_firmware:1.2:*:*:*:*:*:*:*", "matchCriteriaId": "CE66A6B2-1C39-4142-A844-F9498C517E29", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-5111-t-lx:-:*:*:*:*:*:*:*", "matchCriteriaId": "DACA16B7-CAD0-4362-916A-A3A85F09B3F2", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-5112-lx_firmware:1.2:*:*:*:*:*:*:*", "matchCriteriaId": "0E9EABBB-B08E-405A-AC9F-40B4F9A0B252", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-5112-lx:-:*:*:*:*:*:*:*", "matchCriteriaId": "7FF9A229-827B-471B-859A-CF51BD469A64", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-5112-t-lx_firmware:1.2:*:*:*:*:*:*:*", "matchCriteriaId": "F9636961-2636-4894-8F0F-67DB2532A0DF", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-5112-t-lx:-:*:*:*:*:*:*:*", "matchCriteriaId": "4F055724-0BEA-47A7-B8D3-5C5A7AFA5972", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-8112-lx_firmware:1.2:*:*:*:*:*:*:*", "matchCriteriaId": "266939EB-1BAF-4956-9E80-AE3E8D33079F", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-8112-lx:-:*:*:*:*:*:*:*", "matchCriteriaId": "B7129CF3-628A-46C5-865B-9ADCC0658C03", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-8131-lx_firmware:1.2:*:*:*:*:*:*:*", "matchCriteriaId": "E3A0029F-3F54-45E8-A692-C4359D32C638", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-8131-lx:-:*:*:*:*:*:*:*", "matchCriteriaId": "A10928A2-9245-40DC-B8FD-41CCB35D22C5", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-8132-lx_firmware:1.2:*:*:*:*:*:*:*", "matchCriteriaId": "4363C3E4-490D-4B7A-ACBE-69D30C1BB632", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-8132-lx:-:*:*:*:*:*:*:*", "matchCriteriaId": "C14FDB09-7888-4648-8E35-C1FA14EE7541", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-8162-lx_firmware:1.2:*:*:*:*:*:*:*", "matchCriteriaId": "3B08DFFC-C86F-45CD-B42B-472DEE477FDC", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-8162-lx:-:*:*:*:*:*:*:*", "matchCriteriaId": "732AEFCC-7231-4788-869B-25B9247E52FB", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-8112-me-t-lx_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "0BBD4A9F-D4FB-4FD1-B55E-0D1A3B1C94AF", "versionEndIncluding": "1.1", "versionStartIncluding": "1.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-8112-me-t-lx:-:*:*:*:*:*:*:*", "matchCriteriaId": "B6845A55-EE87-4A16-851A-9811D895ED3E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-8112-me-t-lx1_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "67EB6C4F-3C33-4482-AE39-3961C136C44C", "versionEndIncluding": "1.1", "versionStartIncluding": "1.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-8112-me-t-lx1:-:*:*:*:*:*:*:*", "matchCriteriaId": "7BEEE468-A757-47A2-A7D4-E1C1C156D5A3", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-8112a-me-t-lx_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "AEAD531B-D5EA-4C97-B928-2C2E133C3D32", "versionEndIncluding": "1.1", "versionStartIncluding": "1.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-8112a-me-t-lx:-:*:*:*:*:*:*:*", "matchCriteriaId": "BC2F0871-28EA-4625-8389-E89A8D023A15", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-8210-t-lx-s_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "932D7E88-2240-4911-AB0A-DEC2EDF7E4A6", "versionEndIncluding": "2.4", "versionStartIncluding": "1.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-8210-t-lx-s:-:*:*:*:*:*:*:*", "matchCriteriaId": "53104CD8-0DF4-46E5-87F1-B5810EB1B79E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-8220-t-lx_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "AA04BED1-4FEB-462D-A5C7-E2019EC9B09D", "versionEndIncluding": "2.4", "versionStartIncluding": "1.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-8220-t-lx:-:*:*:*:*:*:*:*", "matchCriteriaId": "D65808DD-2672-42D7-8544-8A9E0D1519E5", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-8220-t-lx-ap-s_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "0E8FFABB-6B68-43D6-8A96-83E0C6272148", "versionEndIncluding": "2.4", "versionStartIncluding": "1.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-8220-t-lx-ap-s:-:*:*:*:*:*:*:*", "matchCriteriaId": "EDC404D8-D558-462F-898F-9CFE54330FD2", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-8220-t-lx-eu-s_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "2D62E4E9-6B28-4EF4-9628-F64CAF29676B", "versionEndIncluding": "2.4", "versionStartIncluding": "1.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-8220-t-lx-eu-s:-:*:*:*:*:*:*:*", "matchCriteriaId": "F5D493C8-E0E4-4C2B-8A95-66DB61BD7035", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-8220-t-lx-s_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "84E1A143-3118-4BAC-A19C-7743B3161349", "versionEndIncluding": "2.4", "versionStartIncluding": "1.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-8220-t-lx-s:-:*:*:*:*:*:*:*", "matchCriteriaId": "6AA15CCF-BFF5-4902-9654-195E0C67FC65", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-8220-t-lx-us-s_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "9330358B-65D2-4688-B515-306E64B8712C", "versionEndIncluding": "2.4", "versionStartIncluding": "1.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-8220-t-lx-us-s:-:*:*:*:*:*:*:*", "matchCriteriaId": "726EC056-8BC7-4ACC-A6FF-7E7664859B03", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-8410a-lx_firmware:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "88F0611D-16FB-4D67-BF72-8A699B74A122", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-8410a-lx:-:*:*:*:*:*:*:*", "matchCriteriaId": "08B660E3-EDC3-46F1-9B7C-27DF6C9361F3", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-8410a-nw-lx_firmware:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "CB8109CE-4B8B-4F18-9391-E0A41E043DD8", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-8410a-nw-lx:-:*:*:*:*:*:*:*", "matchCriteriaId": "4B6C0056-578C-4429-8A1E-7638D5C1CCEB", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-8410a-nw-t-lx_firmware:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "13B14B96-CD23-4C02-8930-B1E0B630A06F", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-8410a-nw-t-lx:-:*:*:*:*:*:*:*", "matchCriteriaId": "26D38C84-9329-4320-B435-9F29A48EA06D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-8410a-t-lx_firmware:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "4D6BA840-B9E6-43FA-AB37-292D41DA6828", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-8410a-t-lx:-:*:*:*:*:*:*:*", "matchCriteriaId": "BC2B1263-2F49-43BF-AE2A-631F252E2820", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-8540-lx_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "57F35CCC-B7C4-4707-A743-C744D2CC70BA", "versionEndIncluding": "1.2", "versionStartIncluding": "1.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-8540-lx:-:*:*:*:*:*:*:*", "matchCriteriaId": "9297DE42-0B5E-4BE4-9773-0583DA4CAB2D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-8540-t-ct-lx_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "7AED57E6-C50B-4C29-B780-C87ECE75D885", "versionEndIncluding": "1.2", "versionStartIncluding": "1.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-8540-t-ct-lx:-:*:*:*:*:*:*:*", "matchCriteriaId": "848FF5D2-6EC9-43E4-8CDF-2EEAA20AEB3A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-8540-t-lx_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "9F818E8C-445E-409D-9ECC-FE0E25078D51", "versionEndIncluding": "1.2", "versionStartIncluding": "1.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-8540-t-lx:-:*:*:*:*:*:*:*", "matchCriteriaId": "25F11CDF-4D2A-4A85-B50D-A7754279BDD1", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-8580-lx_firmware:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "0A3DD9BB-5D69-4CDB-A942-5E81983EF6ED", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-8580-lx:-:*:*:*:*:*:*:*", "matchCriteriaId": "8A766734-2683-439D-8814-C0989B082CEE", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-8580-q-lx_firmware:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "DBD5C0D4-F18D-4AC8-B9E4-30E512D0BD78", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-8580-q-lx:-:*:*:*:*:*:*:*", "matchCriteriaId": "36C4FE9E-9767-45A8-A585-F1641746BFBB", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-8580-t-ct-lx_firmware:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "52447718-73AB-40DB-B576-FFBC31F0FAB8", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-8580-t-ct-lx:-:*:*:*:*:*:*:*", "matchCriteriaId": "9B306C0E-4807-4870-B836-7250F0A9F036", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-8580-t-ct-q-lx_firmware:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "38BA48C0-B99D-41BF-BDDE-AFC366884A2D", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-8580-t-ct-q-lx:-:*:*:*:*:*:*:*", "matchCriteriaId": "DDBC0E20-0DA0-4724-B515-7FFBAF3FA2EC", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-8580-t-lx_firmware:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "7D6EF904-345E-43FB-BBA7-B4BAA4214A46", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-8580-t-lx:-:*:*:*:*:*:*:*", "matchCriteriaId": "E10983BA-E998-481E-A994-6D48DB986089", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-8580-t-q-lx_firmware:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "F6F0D7D9-FDE5-4EB4-9C21-2ECF89591320", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-8580-t-q-lx:-:*:*:*:*:*:*:*", "matchCriteriaId": "9F238A13-893F-426F-BF29-48DDE9AFE2BE", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "An attacker with physical access to the affected Moxa UC Series devices can initiate a restart of the device and gain access to its BIOS. Command line options can then be altered, allowing the attacker to access the terminal. From the terminal, the attacker can modify the device\u2019s authentication files to create a new user and gain full access to the system."}], "id": "CVE-2023-1257", "lastModified": "2024-11-21T07:38:46.613", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "baseScore": 7.6, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.9, "impactScore": 6.0, "source": "ics-cert@hq.dhs.gov", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-03-07T17:15:12.527", "references": [{"source": "ics-cert@hq.dhs.gov", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-333-04"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-333-04"}], "sourceIdentifier": "ics-cert@hq.dhs.gov", "vulnStatus": "Modified"}

{}