CVE-2025-15017

HIGH

Serial Device Servers - Privilege Escalation

Description

A vulnerability exists in serial device servers where active debug code remains enabled in the UART interface. An attacker with physical access to the device can directly connect to the UART interface and, without authentication, user interaction, or execution conditions, gain unauthorized access to internal debug functionality. Exploitation is low complexity and allows an attacker to execute privileged operations and access sensitive system resources, resulting in a high impact to the confidentiality, integrity, and availability of the affected device. No security impact to external or dependent systems has been identified.

Scores

CVSS v4: 7.0
EPSS: 0.0005
EPSS Percentile: 16.2%
Vector: CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

CISA SSVC

Vulnrichment
Exploitation: none
Automatable: no
Technical Impact: total

Details

CWE: CWE-489
Status: published
Products (11):
Moxa/NPort 5000AI-M12 Series 1.0
Moxa/NPort 5100 Series 1.0
Moxa/NPort 5100A Series 1.0
Moxa/NPort 5200 Series 1.0
Moxa/NPort 5200A Series 1.0
Moxa/NPort 5400 Series 1.0
Moxa/NPort 5600 Series 1.0
Moxa/NPort 5600-DT Series 1.0
Moxa/NPort IA5000 Series 1.0
Moxa/NPort IA5000-G2 Series 1.0
... and 1 more
Published: Dec 31, 2025
Tracked Since: Feb 18, 2026