CVE-2023-4227

MEDIUM

ioLogik 4000 Series <1.6 - Privilege Escalation

Title source: llm

Description

A vulnerability has been identified in the ioLogik 4000 Series (ioLogik E4200) firmware versions v1.6 and prior, which can be exploited by malicious actors to potentially gain unauthorized access to the product. This could lead to security breaches, data theft, and unauthorized manipulation of sensitive information. The vulnerability is attributed to the presence of an unauthorized service, which could potentially enable unauthorized access to the. device.

References (1)

[Vendor Advisory] https://www.moxa.com/en/support/product-support/security-advisory/mpsa-230310-iologik-4000-series-multiple-web-server-vulnerabilities-and-improper-access-control-vulnerability

Scores

CVSS v3 5.3

EPSS 0.0016

EPSS Percentile 36.6%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact partial

Details

CWE

CWE-489 CWE-863

Status published

Products (1)

moxa/iologik_e4200_firmware < 1.6

Published Aug 24, 2023

Tracked Since Feb 18, 2026