CVE-2025-15017

Summary

A vulnerability exists in serial device servers where active debug code remains enabled in the UART interface. An attacker with physical access to the device can directly connect to the UART interface and, without authentication, user interaction, or execution conditions, gain unauthorized access to internal debug functionality. Exploitation is low complexity and allows an attacker to execute privileged operations and access sensitive system resources, resulting in a high impact to the confidentiality, integrity, and availability of the affected device. No security impact to external or dependent systems has been identified.

Affected Software

VendorProductVersion RangeStatus
MoxaNPort 5000AI-M12 Series1.0affected
MoxaNPort 5100 Series1.0affected
MoxaNPort 5100A Series1.0affected
MoxaNPort 5200 Series1.0affected
MoxaNPort 5200A Series1.0affected
MoxaNPort 5400 Series1.0affected
MoxaNPort 5600 Series1.0affected
MoxaNPort 5600-DT Series1.0affected
MoxaNPort IA5000 Series1.0affected
MoxaNPort IA5000A Series1.0affected
MoxaNPort IA5000-G2 Series1.0affected

Weaknesses

  • CWE-489: CWE-489: Active Debug Code

Workarounds

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References