CVE-2023-5627

HIGH

NPort 6000 Series - Privilege Escalation

Title source: llm

Description

A vulnerability has been identified in NPort 6000 Series, making the authentication mechanism vulnerable. This vulnerability arises from the incorrect implementation of sensitive information protection, potentially allowing malicious users to gain unauthorized access to the web service.

References (1)

[Vendor Advisory] https://www.moxa.com/en/support/product-support/security-advisory/mpsa-232905-nport-6000-series-incorrect-implementation-of-authentication-algorithm-vulnerability

Scores

CVSS v3 7.5

EPSS 0.0008

EPSS Percentile 22.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact partial

Details

CWE

CWE-327 CWE-287 CWE-257 CWE-303

Status published

Products (27)

moxa/nport_6150-t_firmware < 1.21

moxa/nport_6150_firmware < 1.21

moxa/nport_6250-m-sc-t_firmware < 1.21

moxa/nport_6250-m-sc_firmware < 1.21

moxa/nport_6250-s-sc-t_firmware < 1.21

moxa/nport_6250-s-sc_firmware < 1.21

moxa/nport_6250-t_firmware < 1.21

moxa/nport_6250_firmware < 1.21

moxa/nport_6450-t_firmware < 1.21

moxa/nport_6450_firmware < 1.21

... and 17 more

Published Nov 01, 2023

Tracked Since Feb 18, 2026