Unrated severityNVD Advisory· Published Mar 7, 2023· Updated Jan 16, 2025

CVE-2023-1257

Description

An attacker with physical access to the affected Moxa UC Series devices can initiate a restart of the device and gain access to its BIOS. Command line options can then be altered, allowing the attacker to access the terminal. From the terminal, the attacker can modify the device’s authentication files to create a new user and gain full access to the system.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

Grandstream/UCM Seriesllm-fuzzy
MOXA/UC-2100 Seriesv5
Range: V1.3 to V1.5
MOXA/UC-2100-W Seriesv5
Range: V1.3 to V1.5
MOXA/UC-3100 Seriesv5
Range: V1.2 to V2.0
MOXA/UC-5100 Seriesv5
Range: V1.2
Moxa/UC-8100A-ME-Tcpe-rescue
Range: V1.0 to V1.1
MOXA/UC-8100 Seriesv5
Range: V1.2
MOXA/UC-8200 Seriesv5
Range: V1.0 to V2.4
MOXA/UC-8410A Seriesv5
Range: V2.2
MOXA/UC-8540 Seriesv5
Range: V1.0 to V1.2
MOXA/UC-8580 Seriesv5
Range: V1.1

Patches

Vulnerability mechanics

No source-code context for this CVE — mechanics is only generated when we can read the actual fix diff. Without that, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.

References

www.cisa.gov/uscert/ics/advisories/icsa-22-333-04mitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000