CVE-2025-15017 (GCVE-0-2025-15017)
Vulnerability from cvelistv5 – Published: 2025-12-31 07:44 – Updated: 2025-12-31 16:06
VLAI?
Summary
A vulnerability exists in serial device servers where active debug code remains enabled in the UART interface. An attacker with physical access to the device can directly connect to the UART interface and, without authentication, user interaction, or execution conditions, gain unauthorized access to internal debug functionality. Exploitation is low complexity and allows an attacker to execute privileged operations and access sensitive system resources, resulting in a high impact to the confidentiality, integrity, and availability of the affected device. No security impact to external or dependent systems has been identified.
Severity ?
CWE
- CWE-489 - Active Debug Code
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Moxa | NPort 5000AI-M12 Series |
Affected:
1.0
(custom)
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-15017",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-31T16:06:25.868011Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-31T16:06:32.337Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "NPort 5000AI-M12 Series",
"vendor": "Moxa",
"versions": [
{
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"product": "NPort 5100 Series",
"vendor": "Moxa",
"versions": [
{
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"product": "NPort 5100A Series",
"vendor": "Moxa",
"versions": [
{
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"product": "NPort 5200 Series",
"vendor": "Moxa",
"versions": [
{
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"product": "NPort 5200A Series",
"vendor": "Moxa",
"versions": [
{
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"product": "NPort 5400 Series",
"vendor": "Moxa",
"versions": [
{
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"product": "NPort 5600 Series",
"vendor": "Moxa",
"versions": [
{
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"product": "NPort 5600-DT Series",
"vendor": "Moxa",
"versions": [
{
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"product": "NPort IA5000 Series",
"vendor": "Moxa",
"versions": [
{
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"product": "NPort IA5000A Series",
"vendor": "Moxa",
"versions": [
{
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "affected",
"product": "NPort IA5000-G2 Series",
"vendor": "Moxa",
"versions": [
{
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:moxa:nport_5000ai-m12_series:1.0:*:*:*:*:*:*:*",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:moxa:nport_5100_series:1.0:*:*:*:*:*:*:*",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:moxa:nport_5100a_series:1.0:*:*:*:*:*:*:*",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:moxa:nport_5200_series:1.0:*:*:*:*:*:*:*",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:moxa:nport_5200a_series:1.0:*:*:*:*:*:*:*",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:moxa:nport_5400_series:1.0:*:*:*:*:*:*:*",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:moxa:nport_5600_series:1.0:*:*:*:*:*:*:*",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:moxa:nport_5600-dt_series:1.0:*:*:*:*:*:*:*",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:moxa:nport_ia5000_series:1.0:*:*:*:*:*:*:*",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:moxa:nport_ia5000a_series:1.0:*:*:*:*:*:*:*",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:moxa:nport_ia5000-g2_series:1.0:*:*:*:*:*:*:*",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA vulnerability exists in serial device servers where active debug code remains enabled in the UART interface. \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAn attacker with physical access to the device can directly connect to the UART interface and, without authentication, user interaction, or execution conditions, gain unauthorized access to internal debug functionality. \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eExploitation is low complexity and allows an attacker to execute privileged operations and access sensitive system resources, resulting in a high impact to the confidentiality, integrity, and availability of the affected device. \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eNo security impact to external or dependent systems has been identified.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "A vulnerability exists in serial device servers where active debug code remains enabled in the UART interface. An attacker with physical access to the device can directly connect to the UART interface and, without authentication, user interaction, or execution conditions, gain unauthorized access to internal debug functionality. Exploitation is low complexity and allows an attacker to execute privileged operations and access sensitive system resources, resulting in a high impact to the confidentiality, integrity, and availability of the affected device. No security impact to external or dependent systems has been identified."
}
],
"impacts": [
{
"capecId": "CAPEC-121",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-121: Exploit Non-Production Interfaces"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "PHYSICAL",
"baseScore": 7,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-489",
"description": "CWE-489: Active Debug Code",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-31T07:44:24.344Z",
"orgId": "2e0a0ee2-d866-482a-9f5e-ac03d156dbaa",
"shortName": "Moxa"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-257331-cve-2025-15017-active-debug-code-vulnerability-in-serial-device-servers"
}
],
"source": {
"discovery": "EXTERNAL"
},
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cul\u003e\u003cli\u003eFor the NPort 5000 Series, make sure that the physical protection of the NPort devices and/or the system meets the security needs of your application. By limiting physical access to authorized personnel, you significantly reduce the risk of local cyberattacks. Please refer to \u003cstrong\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.moxa.com/en/products/industrial-edge-connectivity/serial-device-servers/general-device-servers/nport-5100-series#resources\"\u003eThe Security Hardening Guide for NPort 5000 Series (v2.4 or later)\u003c/a\u003e\u003c/strong\u003e\u0026nbsp;for more information.\u003c/li\u003e\u003c/ul\u003e"
}
],
"value": "* For the NPort 5000 Series, make sure that the physical protection of the NPort devices and/or the system meets the security needs of your application. By limiting physical access to authorized personnel, you significantly reduce the risk of local cyberattacks. Please refer to The Security Hardening Guide for NPort 5000 Series (v2.4 or later) https://www.moxa.com/en/products/industrial-edge-connectivity/serial-device-servers/general-device-servers/nport-5100-series#resources \u00a0for more information."
}
],
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "2e0a0ee2-d866-482a-9f5e-ac03d156dbaa",
"assignerShortName": "Moxa",
"cveId": "CVE-2025-15017",
"datePublished": "2025-12-31T07:44:24.344Z",
"dateReserved": "2025-12-22T02:07:12.459Z",
"dateUpdated": "2025-12-31T16:06:32.337Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2025-15017\",\"sourceIdentifier\":\"psirt@moxa.com\",\"published\":\"2025-12-31T08:15:44.303\",\"lastModified\":\"2025-12-31T20:42:15.637\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability exists in serial device servers where active debug code remains enabled in the UART interface. An attacker with physical access to the device can directly connect to the UART interface and, without authentication, user interaction, or execution conditions, gain unauthorized access to internal debug functionality. Exploitation is low complexity and allows an attacker to execute privileged operations and access sensitive system resources, resulting in a high impact to the confidentiality, integrity, and availability of the affected device. No security impact to external or dependent systems has been identified.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"psirt@moxa.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":7.0,\"baseSeverity\":\"HIGH\",\"attackVector\":\"PHYSICAL\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"HIGH\",\"vulnIntegrityImpact\":\"HIGH\",\"vulnAvailabilityImpact\":\"HIGH\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}]},\"weaknesses\":[{\"source\":\"psirt@moxa.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-489\"}]}],\"references\":[{\"url\":\"https://www.moxa.com/en/support/product-support/security-advisory/mpsa-257331-cve-2025-15017-active-debug-code-vulnerability-in-serial-device-servers\",\"source\":\"psirt@moxa.com\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-15017\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-12-31T16:06:25.868011Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-12-31T16:06:29.268Z\"}}], \"cna\": {\"source\": {\"discovery\": \"EXTERNAL\"}, \"impacts\": [{\"capecId\": \"CAPEC-121\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-121: Exploit Non-Production Interfaces\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV4_0\": {\"Safety\": \"NOT_DEFINED\", \"version\": \"4.0\", \"Recovery\": \"NOT_DEFINED\", \"baseScore\": 7, \"Automatable\": \"NOT_DEFINED\", \"attackVector\": \"PHYSICAL\", \"baseSeverity\": \"HIGH\", \"valueDensity\": \"NOT_DEFINED\", \"vectorString\": \"CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N\", \"exploitMaturity\": \"NOT_DEFINED\", \"providerUrgency\": \"NOT_DEFINED\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"NONE\", \"subIntegrityImpact\": \"NONE\", \"vulnIntegrityImpact\": \"HIGH\", \"subAvailabilityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"HIGH\", \"subConfidentialityImpact\": \"NONE\", \"vulnConfidentialityImpact\": \"HIGH\", \"vulnerabilityResponseEffort\": \"NOT_DEFINED\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Moxa\", \"product\": \"NPort 5000AI-M12 Series\", \"versions\": [{\"status\": \"affected\", \"version\": \"1.0\", \"versionType\": \"custom\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"Moxa\", \"product\": \"NPort 5100 Series\", \"versions\": [{\"status\": \"affected\", \"version\": \"1.0\", \"versionType\": \"custom\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"Moxa\", \"product\": \"NPort 5100A Series\", \"versions\": [{\"status\": \"affected\", \"version\": \"1.0\", \"versionType\": \"custom\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"Moxa\", \"product\": \"NPort 5200 Series\", \"versions\": [{\"status\": \"affected\", \"version\": \"1.0\", \"versionType\": \"custom\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"Moxa\", \"product\": \"NPort 5200A Series\", \"versions\": [{\"status\": \"affected\", \"version\": \"1.0\", \"versionType\": \"custom\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"Moxa\", \"product\": \"NPort 5400 Series\", \"versions\": [{\"status\": \"affected\", \"version\": \"1.0\", \"versionType\": \"custom\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"Moxa\", \"product\": \"NPort 5600 Series\", \"versions\": [{\"status\": \"affected\", \"version\": \"1.0\", \"versionType\": \"custom\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"Moxa\", \"product\": \"NPort 5600-DT Series\", \"versions\": [{\"status\": \"affected\", \"version\": \"1.0\", \"versionType\": \"custom\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"Moxa\", \"product\": \"NPort IA5000 Series\", \"versions\": [{\"status\": \"affected\", \"version\": \"1.0\", \"versionType\": \"custom\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"Moxa\", \"product\": \"NPort IA5000A Series\", \"versions\": [{\"status\": \"affected\", \"version\": \"1.0\", \"versionType\": \"custom\"}], \"defaultStatus\": \"affected\"}, {\"vendor\": \"Moxa\", \"product\": \"NPort IA5000-G2 Series\", \"versions\": [{\"status\": \"affected\", \"version\": \"1.0\", \"versionType\": \"custom\"}], \"defaultStatus\": \"affected\"}], \"references\": [{\"url\": \"https://www.moxa.com/en/support/product-support/security-advisory/mpsa-257331-cve-2025-15017-active-debug-code-vulnerability-in-serial-device-servers\", \"tags\": [\"vendor-advisory\"]}], \"workarounds\": [{\"lang\": \"en\", \"value\": \"* For the NPort 5000 Series, make sure that the physical protection of the NPort devices and/or the system meets the security needs of your application. By limiting physical access to authorized personnel, you significantly reduce the risk of local cyberattacks. Please refer to The Security Hardening Guide for NPort 5000 Series (v2.4 or later) https://www.moxa.com/en/products/industrial-edge-connectivity/serial-device-servers/general-device-servers/nport-5100-series#resources \\u00a0for more information.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cul\u003e\u003cli\u003eFor the NPort 5000 Series, make sure that the physical protection of the NPort devices and/or the system meets the security needs of your application. By limiting physical access to authorized personnel, you significantly reduce the risk of local cyberattacks. Please refer to \u003cstrong\u003e\u003ca target=\\\"_blank\\\" rel=\\\"nofollow\\\" href=\\\"https://www.moxa.com/en/products/industrial-edge-connectivity/serial-device-servers/general-device-servers/nport-5100-series#resources\\\"\u003eThe Security Hardening Guide for NPort 5000 Series (v2.4 or later)\u003c/a\u003e\u003c/strong\u003e\u0026nbsp;for more information.\u003c/li\u003e\u003c/ul\u003e\", \"base64\": false}]}], \"x_generator\": {\"engine\": \"Vulnogram 0.5.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"A vulnerability exists in serial device servers where active debug code remains enabled in the UART interface. An attacker with physical access to the device can directly connect to the UART interface and, without authentication, user interaction, or execution conditions, gain unauthorized access to internal debug functionality. Exploitation is low complexity and allows an attacker to execute privileged operations and access sensitive system resources, resulting in a high impact to the confidentiality, integrity, and availability of the affected device. No security impact to external or dependent systems has been identified.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003eA vulnerability exists in serial device servers where active debug code remains enabled in the UART interface. \u003c/span\u003e\u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003eAn attacker with physical access to the device can directly connect to the UART interface and, without authentication, user interaction, or execution conditions, gain unauthorized access to internal debug functionality. \u003c/span\u003e\u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003eExploitation is low complexity and allows an attacker to execute privileged operations and access sensitive system resources, resulting in a high impact to the confidentiality, integrity, and availability of the affected device. \u003c/span\u003e\u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003eNo security impact to external or dependent systems has been identified.\u003c/span\u003e\u003cbr\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-489\", \"description\": \"CWE-489: Active Debug Code\"}]}], \"cpeApplicability\": [{\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:a:moxa:nport_5000ai-m12_series:1.0:*:*:*:*:*:*:*\", \"vulnerable\": true}], \"operator\": \"OR\"}, {\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:a:moxa:nport_5100_series:1.0:*:*:*:*:*:*:*\", \"vulnerable\": true}], \"operator\": \"OR\"}, {\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:a:moxa:nport_5100a_series:1.0:*:*:*:*:*:*:*\", \"vulnerable\": true}], \"operator\": \"OR\"}, {\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:a:moxa:nport_5200_series:1.0:*:*:*:*:*:*:*\", \"vulnerable\": true}], \"operator\": \"OR\"}, {\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:a:moxa:nport_5200a_series:1.0:*:*:*:*:*:*:*\", \"vulnerable\": true}], \"operator\": \"OR\"}, {\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:a:moxa:nport_5400_series:1.0:*:*:*:*:*:*:*\", \"vulnerable\": true}], \"operator\": \"OR\"}, {\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:a:moxa:nport_5600_series:1.0:*:*:*:*:*:*:*\", \"vulnerable\": true}], \"operator\": \"OR\"}, {\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:a:moxa:nport_5600-dt_series:1.0:*:*:*:*:*:*:*\", \"vulnerable\": true}], \"operator\": \"OR\"}, {\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:a:moxa:nport_ia5000_series:1.0:*:*:*:*:*:*:*\", \"vulnerable\": true}], \"operator\": \"OR\"}, {\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:a:moxa:nport_ia5000a_series:1.0:*:*:*:*:*:*:*\", \"vulnerable\": true}], \"operator\": \"OR\"}, {\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:a:moxa:nport_ia5000-g2_series:1.0:*:*:*:*:*:*:*\", \"vulnerable\": true}], \"operator\": \"OR\"}], \"operator\": \"OR\"}], \"providerMetadata\": {\"orgId\": \"2e0a0ee2-d866-482a-9f5e-ac03d156dbaa\", \"shortName\": \"Moxa\", \"dateUpdated\": \"2025-12-31T07:44:24.344Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-15017\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-12-31T16:06:32.337Z\", \"dateReserved\": \"2025-12-22T02:07:12.459Z\", \"assignerOrgId\": \"2e0a0ee2-d866-482a-9f5e-ac03d156dbaa\", \"datePublished\": \"2025-12-31T07:44:24.344Z\", \"assignerShortName\": \"Moxa\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…