CVE-2026-0714

A physical attack vulnerability exists in certain Moxa industrial computers using TPM-backed LUKS full-disk encryption on Moxa Industrial Linux 3, where the discrete TPM is connected to the CPU via an SPI bus. Exploitation requires invasive physical access, including opening the device and attaching external equipment to the SPI bus to capture TPM communications. If successful, the captured data may allow offline decryption of eMMC contents. This attack cannot be performed through brief or opportunistic physical access and requires extended physical access, possession of the device, appropriate equipment, and sufficient time for signal capture and analysis. Remote exploitation is not possible.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:moxa:uc-1222a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:moxa:uc-1222a:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:moxa:uc-2222a-t-us_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:moxa:uc-2222a-t-us:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:moxa:uc-2222a-t_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:moxa:uc-2222a-t:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:moxa:uc-2222a-t-ap_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:moxa:uc-2222a-t-ap:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:moxa:uc-2222a-t-eu_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:moxa:uc-2222a-t-eu:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:moxa:uc-3434a-t-lte-wifi_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:moxa:uc-3434a-t-lte-wifi:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:moxa:uc-3424a-t-lte_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:moxa:uc-3424a-t-lte:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:moxa:uc-3420a-t-lte_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:moxa:uc-3420a-t-lte:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:moxa:uc-3430a-t-lte-wifi_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:moxa:uc-3430a-t-lte-wifi:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:moxa:uc-4450a-t-5g_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:moxa:uc-4450a-t-5g:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:moxa:uc-4434a-i-t_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:moxa:uc-4434a-i-t:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:moxa:uc-4410a-t_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:moxa:uc-4410a-t:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:moxa:uc-4454a-t-5g_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:moxa:uc-4454a-t-5g:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND
cpe:2.3:o:moxa:uc-4414a-i-t_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:moxa:uc-4414a-i-t:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND
cpe:2.3:o:moxa:uc-4430a-t_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:moxa:uc-4430a-t:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND
cpe:2.3:o:moxa:uc-8210-t-lx-s_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:moxa:uc-8210-t-lx-s:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND
cpe:2.3:o:moxa:uc-8220-t-lx-eu-s_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:moxa:uc-8220-t-lx-eu-s:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND
cpe:2.3:o:moxa:uc-8220-t-lx-ap-s_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:moxa:uc-8220-t-lx-ap-s:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND
cpe:2.3:o:moxa:uc-8220-t-lx-us-s_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:moxa:uc-8220-t-lx-us-s:-:*:*:*:*:*:*:*

Configuration 20 (hide)

AND
cpe:2.3:o:moxa:uc-8220-t-lx_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:moxa:uc-8220-t-lx:-:*:*:*:*:*:*:*

Configuration 21 (hide)

AND
cpe:2.3:o:moxa:v1202-ct-t_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:moxa:v1202-ct-t:-:*:*:*:*:*:*:*

Configuration 22 (hide)

AND
cpe:2.3:o:moxa:v1222-ct-t_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:moxa:v1222-ct-t:-:*:*:*:*:*:*:*

Configuration 23 (hide)

AND
cpe:2.3:o:moxa:v1222-w-ct-t_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:moxa:v1222-w-ct-t:-:*:*:*:*:*:*:*

Configuration 24 (hide)

AND
cpe:2.3:o:moxa:v2406c-kl7-ct-t_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:moxa:v2406c-kl7-ct-t:-:*:*:*:*:*:*:*

Configuration 25 (hide)

AND
cpe:2.3:o:moxa:v2406c-kl7-t_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:moxa:v2406c-kl7-t:-:*:*:*:*:*:*:*

Configuration 26 (hide)

AND
cpe:2.3:o:moxa:v2406c-wl7-ct-t_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:moxa:v2406c-wl7-ct-t:-:*:*:*:*:*:*:*

Configuration 27 (hide)

AND
cpe:2.3:o:moxa:v2406c-wl5-t_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:moxa:v2406c-wl5-t:-:*:*:*:*:*:*:*

Configuration 28 (hide)

AND
cpe:2.3:o:moxa:v2406c-kl1-ct-t_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:moxa:v2406c-kl1-ct-t:-:*:*:*:*:*:*:*

Configuration 29 (hide)

AND
cpe:2.3:o:moxa:v2406c-wl3-t_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:moxa:v2406c-wl3-t:-:*:*:*:*:*:*:*

Configuration 30 (hide)

AND
cpe:2.3:o:moxa:v2406c-wl1-ct-t_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:moxa:v2406c-wl1-ct-t:-:*:*:*:*:*:*:*

Configuration 31 (hide)

AND
cpe:2.3:o:moxa:v2406c-kl3-t_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:moxa:v2406c-kl3-t:-:*:*:*:*:*:*:*

Configuration 32 (hide)

AND
cpe:2.3:o:moxa:v2406c-wl1-t_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:moxa:v2406c-wl1-t:-:*:*:*:*:*:*:*

Configuration 33 (hide)

AND
cpe:2.3:o:moxa:v2406c-kl1-t_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:moxa:v2406c-kl1-t:-:*:*:*:*:*:*:*

Configuration 34 (hide)

AND
cpe:2.3:o:moxa:v2406c-wl7-t_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:moxa:v2406c-wl7-t:-:*:*:*:*:*:*:*

Configuration 35 (hide)

AND
cpe:2.3:o:moxa:v2406c-kl5-t_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:moxa:v2406c-kl5-t:-:*:*:*:*:*:*:*

History

18 Feb 2026, 17:55

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 6.8
Summary
  • (es) Existe una vulnerabilidad de ataque físico en ciertas computadoras industriales Moxa que utilizan cifrado de disco completo LUKS respaldado por TPM en Moxa Industrial Linux 3, donde el TPM discreto está conectado a la CPU a través de un bus SPI. La explotación requiere acceso físico invasivo, incluyendo abrir el dispositivo y conectar equipo externo al bus SPI para capturar las comunicaciones del TPM. Si tiene éxito, los datos capturados pueden permitir el descifrado fuera de línea del contenido de la eMMC. Este ataque no puede realizarse mediante acceso físico breve u oportunista y requiere acceso físico prolongado, posesión del dispositivo, equipo apropiado y tiempo suficiente para la captura y análisis de señales. La explotación remota no es posible.
First Time Moxa uc-1222a
Moxa uc-4410a-t
Moxa v2406c-kl1-ct-t
Moxa v1222-w-ct-t Firmware
Moxa v2406c-wl3-t
Moxa uc-2222a-t-ap Firmware
Moxa v2406c-kl1-t Firmware
Moxa uc-4430a-t
Moxa v2406c-wl1-ct-t
Moxa uc-4450a-t-5g Firmware
Moxa v2406c-wl7-ct-t
Moxa uc-2222a-t-eu Firmware
Moxa v2406c-wl3-t Firmware
Moxa uc-8210-t-lx-s
Moxa v1222-ct-t
Moxa v2406c-kl7-t Firmware
Moxa uc-2222a-t-us
Moxa uc-1222a Firmware
Moxa uc-3420a-t-lte Firmware
Moxa v2406c-kl7-ct-t Firmware
Moxa uc-4454a-t-5g Firmware
Moxa uc-2222a-t
Moxa uc-2222a-t-eu
Moxa v2406c-wl1-ct-t Firmware
Moxa v2406c-kl1-t
Moxa v2406c-kl5-t
Moxa uc-8220-t-lx-ap-s
Moxa uc-2222a-t-us Firmware
Moxa v2406c-wl7-ct-t Firmware
Moxa
Moxa uc-8220-t-lx Firmware
Moxa uc-2222a-t Firmware
Moxa v1202-ct-t Firmware
Moxa uc-3434a-t-lte-wifi Firmware
Moxa uc-4410a-t Firmware
Moxa v2406c-kl7-ct-t
Moxa v2406c-wl7-t Firmware
Moxa v2406c-kl3-t
Moxa v1222-ct-t Firmware
Moxa v2406c-kl3-t Firmware
Moxa uc-8220-t-lx
Moxa uc-4434a-i-t Firmware
Moxa v2406c-wl1-t Firmware
Moxa uc-2222a-t-ap
Moxa v1202-ct-t
Moxa v2406c-kl5-t Firmware
Moxa uc-8220-t-lx-eu-s
Moxa uc-3424a-t-lte Firmware
Moxa uc-4450a-t-5g
Moxa uc-3430a-t-lte-wifi
Moxa uc-4414a-i-t Firmware
Moxa uc-8220-t-lx-us-s Firmware
Moxa v2406c-wl5-t
Moxa uc-4430a-t Firmware
Moxa uc-8210-t-lx-s Firmware
Moxa uc-8220-t-lx-eu-s Firmware
Moxa v2406c-wl5-t Firmware
Moxa v2406c-kl7-t
Moxa v2406c-wl1-t
Moxa uc-3424a-t-lte
Moxa uc-3420a-t-lte
Moxa uc-4454a-t-5g
Moxa uc-4414a-i-t
Moxa uc-3434a-t-lte-wifi
Moxa v2406c-wl7-t
Moxa v1222-w-ct-t
Moxa uc-8220-t-lx-us-s
Moxa uc-8220-t-lx-ap-s Firmware
Moxa uc-3430a-t-lte-wifi Firmware
Moxa v2406c-kl1-ct-t Firmware
Moxa uc-4434a-i-t
CPE cpe:2.3:o:moxa:v1202-ct-t_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:moxa:uc-4430a-t:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:uc-4434a-i-t:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:uc-4450a-t-5g:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:uc-4410a-t:-:*:*:*:*:*:*:*
cpe:2.3:o:moxa:v2406c-wl7-t_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:moxa:v2406c-wl1-t_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:moxa:v2406c-wl3-t:-:*:*:*:*:*:*:*
cpe:2.3:o:moxa:uc-8220-t-lx-ap-s_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:moxa:v2406c-wl5-t_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:moxa:uc-4450a-t-5g_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:moxa:uc-3424a-t-lte_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:moxa:uc-3424a-t-lte:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:uc-4414a-i-t:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:v2406c-kl5-t:-:*:*:*:*:*:*:*
cpe:2.3:o:moxa:uc-8220-t-lx-us-s_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:moxa:uc-8220-t-lx-eu-s:-:*:*:*:*:*:*:*
cpe:2.3:o:moxa:uc-2222a-t-us_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:moxa:uc-1222a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:moxa:v2406c-wl3-t_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:moxa:uc-8220-t-lx-us-s:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:v2406c-wl7-ct-t:-:*:*:*:*:*:*:*
cpe:2.3:o:moxa:v2406c-kl5-t_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:moxa:uc-4410a-t_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:moxa:v2406c-kl7-ct-t:-:*:*:*:*:*:*:*
cpe:2.3:o:moxa:uc-2222a-t-eu_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:moxa:v2406c-kl1-t:-:*:*:*:*:*:*:*
cpe:2.3:o:moxa:uc-3420a-t-lte_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:moxa:uc-4414a-i-t_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:moxa:v2406c-kl3-t_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:moxa:uc-8220-t-lx:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:uc-3434a-t-lte-wifi:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:v2406c-wl1-t:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:v2406c-wl5-t:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:uc-2222a-t-eu:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:v2406c-wl1-ct-t:-:*:*:*:*:*:*:*
cpe:2.3:o:moxa:uc-2222a-t_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:moxa:uc-2222a-t-us:-:*:*:*:*:*:*:*
cpe:2.3:o:moxa:v2406c-wl1-ct-t_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:moxa:uc-4454a-t-5g:-:*:*:*:*:*:*:*
cpe:2.3:o:moxa:v2406c-kl1-ct-t_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:moxa:uc-2222a-t-ap:-:*:*:*:*:*:*:*
cpe:2.3:o:moxa:uc-4434a-i-t_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:moxa:v2406c-kl3-t:-:*:*:*:*:*:*:*
cpe:2.3:o:moxa:uc-3430a-t-lte-wifi_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:moxa:uc-8220-t-lx-eu-s_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:moxa:v2406c-kl7-ct-t_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:moxa:v1222-ct-t:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:uc-1222a:-:*:*:*:*:*:*:*
cpe:2.3:o:moxa:v2406c-wl7-ct-t_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:moxa:uc-3434a-t-lte-wifi_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:moxa:uc-4430a-t_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:moxa:uc-8220-t-lx-ap-s:-:*:*:*:*:*:*:*
cpe:2.3:o:moxa:v1222-w-ct-t_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:moxa:v2406c-kl1-t_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:moxa:uc-3420a-t-lte:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:uc-3430a-t-lte-wifi:-:*:*:*:*:*:*:*
cpe:2.3:o:moxa:uc-8220-t-lx_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:moxa:v1222-w-ct-t:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:uc-8210-t-lx-s:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:v1202-ct-t:-:*:*:*:*:*:*:*
cpe:2.3:o:moxa:uc-8210-t-lx-s_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:moxa:v2406c-kl1-ct-t:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:uc-2222a-t:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:v2406c-wl7-t:-:*:*:*:*:*:*:*
cpe:2.3:o:moxa:v1222-ct-t_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:moxa:uc-4454a-t-5g_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:moxa:v2406c-kl7-t:-:*:*:*:*:*:*:*
cpe:2.3:o:moxa:uc-2222a-t-ap_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:moxa:v2406c-kl7-t_firmware:*:*:*:*:*:*:*:*
References () https://www.moxa.com/en/support/product-support/security-advisory/mpsa-255121-cve-2026-0714-cve-2026-0715-multiple-vulnerabilities-in-industrial-computers - () https://www.moxa.com/en/support/product-support/security-advisory/mpsa-255121-cve-2026-0714-cve-2026-0715-multiple-vulnerabilities-in-industrial-computers - Vendor Advisory

05 Feb 2026, 17:16

Type Values Removed Values Added
New CVE

Information

Published : 2026-02-05 17:16

Updated : 2026-02-18 17:55


NVD link : CVE-2026-0714

Mitre link : CVE-2026-0714

CVE.ORG link : CVE-2026-0714


JSON object : View

Products Affected

moxa

  • uc-1222a
  • uc-4450a-t-5g
  • uc-8210-t-lx-s
  • v2406c-kl3-t
  • uc-4414a-i-t_firmware
  • uc-4434a-i-t_firmware
  • v2406c-kl7-t_firmware
  • v2406c-wl3-t_firmware
  • uc-4454a-t-5g_firmware
  • v2406c-wl1-t
  • uc-8220-t-lx
  • uc-2222a-t_firmware
  • uc-8220-t-lx-us-s
  • v2406c-wl7-t
  • v2406c-kl7-t
  • uc-4414a-i-t
  • v2406c-kl1-t
  • uc-1222a_firmware
  • v2406c-kl7-ct-t_firmware
  • v2406c-kl1-ct-t_firmware
  • uc-4450a-t-5g_firmware
  • v1222-ct-t_firmware
  • v2406c-kl5-t_firmware
  • uc-3434a-t-lte-wifi_firmware
  • uc-2222a-t-ap
  • uc-3430a-t-lte-wifi_firmware
  • uc-4410a-t_firmware
  • v1222-w-ct-t
  • uc-3420a-t-lte
  • uc-2222a-t-us_firmware
  • v1202-ct-t
  • v2406c-kl1-ct-t
  • uc-8220-t-lx_firmware
  • v1222-w-ct-t_firmware
  • v2406c-wl1-ct-t_firmware
  • uc-8220-t-lx-eu-s
  • uc-4430a-t
  • uc-8220-t-lx-ap-s
  • uc-4454a-t-5g
  • uc-4410a-t
  • v2406c-wl5-t
  • uc-8210-t-lx-s_firmware
  • v2406c-wl3-t
  • uc-2222a-t
  • uc-4434a-i-t
  • uc-8220-t-lx-eu-s_firmware
  • v2406c-kl7-ct-t
  • v2406c-wl1-t_firmware
  • v2406c-wl7-t_firmware
  • uc-4430a-t_firmware
  • uc-2222a-t-ap_firmware
  • uc-8220-t-lx-us-s_firmware
  • v2406c-wl7-ct-t_firmware
  • uc-2222a-t-eu_firmware
  • v1222-ct-t
  • v1202-ct-t_firmware
  • v2406c-wl7-ct-t
  • v2406c-wl5-t_firmware
  • uc-2222a-t-us
  • uc-8220-t-lx-ap-s_firmware
  • uc-3434a-t-lte-wifi
  • v2406c-kl3-t_firmware
  • uc-3424a-t-lte
  • uc-2222a-t-eu
  • uc-3430a-t-lte-wifi
  • v2406c-wl1-ct-t
  • uc-3420a-t-lte_firmware
  • v2406c-kl1-t_firmware
  • uc-3424a-t-lte_firmware
  • v2406c-kl5-t
CWE
CWE-319

Cleartext Transmission of Sensitive Information