Description
A physical attack vulnerability exists in certain Moxa industrial computers using TPM-backed LUKS full-disk encryption on Moxa Industrial Linux 3, where the discrete TPM is connected to the CPU via an SPI bus. Exploitation requires invasive physical access, including opening the device and attaching external equipment to the SPI bus to capture TPM communications. If successful, the captured data may allow offline decryption of eMMC contents. This attack cannot be performed through brief or opportunistic physical access and requires extended physical access, possession of the device, appropriate equipment, and sufficient time for signal capture and analysis. Remote exploitation is not possible.
Published: 2026-02-05
Score: 7 High
EPSS: < 1% Very Low
KEV: No
Impact: Offline decryption of memory chip allows confidentiality breach
Action: Immediate Patch
AI Analysis

Impact

An attacker who can physically tamper with a Moxa industrial computer that uses TPM‑backed LUKS full‑disk encryption can capture communications on the TPM SPI bus. By intercepting these messages over an extended period, the attacker may recover the encryption keys used to protect the eMMC and subsequently decrypt stored data. The vulnerability is a remote‑audience, offline cryptographic key recovery attack that results in disclosure of all data on the encrypted storage device. The weakness corresponds to CWE‑319, improper handling of compromised key material.

Affected Systems

The flaw affects Moxa industrial computers, notably the UC‑1200A Series and several other Moxa model families listed in the CPE data. No specific firmware or hardware revision is disambiguated by the advisory; the advisory applies broadly to all devices that employ the exposed TPM‑backed LUKS configuration.

Risk and Exploitability

The CVSS score is 7.0, indicating a high‑severity flaw, but the low EPSS (<1 %) and lack of a KEV listing suggest that exploitation is currently unlikely in the wild. The highest risk comes from the need for extended physical access: an attacker must possess the device, open its enclosure, and attach specialized equipment to capture TPM traffic over the SPI bus. Remote exploitation is impossible. Given the physical nature of the attack, the feasibility is heavily constrained to scenarios where an adversary can allocate time and equipment to monitor the bus, making this a non‑immediate threat for most operators, but it remains a serious security concern for environments where devices might be left unattended or in vulnerable locations.

Generated by OpenCVE AI on April 17, 2026 at 23:00 UTC.

Remediation

Vendor Solution

Refer to  https://www.moxa.com/en/support/product-support/security-advisory/mpsa-255121-cve-2026-0714-cve-2026... https://www.moxa.com/en/support/product-support/security-advisory/mpsa-255121-cve-2026-0714-cve-2026-0715-multiple-vulnerabilities-in-industrial-computers

OpenCVE Recommended Actions

  • Follow the vendor’s official solution – apply the firmware update released by Moxa (see the cited advisory links).
  • If a patch is not yet available, physically secure the device by sealing unused ports or locking the enclosure to prevent collateral access to the TPM bus.
  • Consider relocating or provisioning the device in a protected environment to eliminate the risk of physical tampering.

Generated by OpenCVE AI on April 17, 2026 at 23:00 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 18 Feb 2026 18:00:00 +0000

Type Values Removed Values Added
First Time appeared Moxa uc-1222a
Moxa uc-1222a Firmware
Moxa uc-2222a-t
Moxa uc-2222a-t-ap
Moxa uc-2222a-t-ap Firmware
Moxa uc-2222a-t-eu
Moxa uc-2222a-t-eu Firmware
Moxa uc-2222a-t-us
Moxa uc-2222a-t-us Firmware
Moxa uc-2222a-t Firmware
Moxa uc-3420a-t-lte
Moxa uc-3420a-t-lte Firmware
Moxa uc-3424a-t-lte
Moxa uc-3424a-t-lte Firmware
Moxa uc-3430a-t-lte-wifi
Moxa uc-3430a-t-lte-wifi Firmware
Moxa uc-3434a-t-lte-wifi
Moxa uc-3434a-t-lte-wifi Firmware
Moxa uc-4410a-t
Moxa uc-4410a-t Firmware
Moxa uc-4414a-i-t
Moxa uc-4414a-i-t Firmware
Moxa uc-4430a-t
Moxa uc-4430a-t Firmware
Moxa uc-4434a-i-t
Moxa uc-4434a-i-t Firmware
Moxa uc-4450a-t-5g
Moxa uc-4450a-t-5g Firmware
Moxa uc-4454a-t-5g
Moxa uc-4454a-t-5g Firmware
Moxa uc-8210-t-lx-s
Moxa uc-8210-t-lx-s Firmware
Moxa uc-8220-t-lx
Moxa uc-8220-t-lx-ap-s
Moxa uc-8220-t-lx-ap-s Firmware
Moxa uc-8220-t-lx-eu-s
Moxa uc-8220-t-lx-eu-s Firmware
Moxa uc-8220-t-lx-us-s
Moxa uc-8220-t-lx-us-s Firmware
Moxa uc-8220-t-lx Firmware
Moxa v1202-ct-t
Moxa v1202-ct-t Firmware
Moxa v1222-ct-t
Moxa v1222-ct-t Firmware
Moxa v1222-w-ct-t
Moxa v1222-w-ct-t Firmware
Moxa v2406c-kl1-ct-t
Moxa v2406c-kl1-ct-t Firmware
Moxa v2406c-kl1-t
Moxa v2406c-kl1-t Firmware
Moxa v2406c-kl3-t
Moxa v2406c-kl3-t Firmware
Moxa v2406c-kl5-t
Moxa v2406c-kl5-t Firmware
Moxa v2406c-kl7-ct-t
Moxa v2406c-kl7-ct-t Firmware
Moxa v2406c-kl7-t
Moxa v2406c-kl7-t Firmware
Moxa v2406c-wl1-ct-t
Moxa v2406c-wl1-ct-t Firmware
Moxa v2406c-wl1-t
Moxa v2406c-wl1-t Firmware
Moxa v2406c-wl3-t
Moxa v2406c-wl3-t Firmware
Moxa v2406c-wl5-t
Moxa v2406c-wl5-t Firmware
Moxa v2406c-wl7-ct-t
Moxa v2406c-wl7-ct-t Firmware
Moxa v2406c-wl7-t
Moxa v2406c-wl7-t Firmware
CPEs cpe:2.3:h:moxa:uc-1222a:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:uc-2222a-t-ap:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:uc-2222a-t-eu:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:uc-2222a-t-us:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:uc-2222a-t:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:uc-3420a-t-lte:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:uc-3424a-t-lte:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:uc-3430a-t-lte-wifi:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:uc-3434a-t-lte-wifi:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:uc-4410a-t:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:uc-4414a-i-t:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:uc-4430a-t:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:uc-4434a-i-t:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:uc-4450a-t-5g:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:uc-4454a-t-5g:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:uc-8210-t-lx-s:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:uc-8220-t-lx-ap-s:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:uc-8220-t-lx-eu-s:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:uc-8220-t-lx-us-s:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:uc-8220-t-lx:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:v1202-ct-t:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:v1222-ct-t:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:v1222-w-ct-t:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:v2406c-kl1-ct-t:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:v2406c-kl1-t:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:v2406c-kl3-t:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:v2406c-kl5-t:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:v2406c-kl7-ct-t:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:v2406c-kl7-t:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:v2406c-wl1-ct-t:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:v2406c-wl1-t:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:v2406c-wl3-t:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:v2406c-wl5-t:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:v2406c-wl7-ct-t:-:*:*:*:*:*:*:*
cpe:2.3:h:moxa:v2406c-wl7-t:-:*:*:*:*:*:*:*
cpe:2.3:o:moxa:uc-1222a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:moxa:uc-2222a-t-ap_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:moxa:uc-2222a-t-eu_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:moxa:uc-2222a-t-us_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:moxa:uc-2222a-t_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:moxa:uc-3420a-t-lte_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:moxa:uc-3424a-t-lte_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:moxa:uc-3430a-t-lte-wifi_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:moxa:uc-3434a-t-lte-wifi_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:moxa:uc-4410a-t_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:moxa:uc-4414a-i-t_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:moxa:uc-4430a-t_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:moxa:uc-4434a-i-t_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:moxa:uc-4450a-t-5g_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:moxa:uc-4454a-t-5g_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:moxa:uc-8210-t-lx-s_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:moxa:uc-8220-t-lx-ap-s_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:moxa:uc-8220-t-lx-eu-s_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:moxa:uc-8220-t-lx-us-s_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:moxa:uc-8220-t-lx_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:moxa:v1202-ct-t_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:moxa:v1222-ct-t_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:moxa:v1222-w-ct-t_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:moxa:v2406c-kl1-ct-t_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:moxa:v2406c-kl1-t_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:moxa:v2406c-kl3-t_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:moxa:v2406c-kl5-t_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:moxa:v2406c-kl7-ct-t_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:moxa:v2406c-kl7-t_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:moxa:v2406c-wl1-ct-t_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:moxa:v2406c-wl1-t_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:moxa:v2406c-wl3-t_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:moxa:v2406c-wl5-t_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:moxa:v2406c-wl7-ct-t_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:moxa:v2406c-wl7-t_firmware:*:*:*:*:*:*:*:*
Vendors & Products Moxa uc-1222a
Moxa uc-1222a Firmware
Moxa uc-2222a-t
Moxa uc-2222a-t-ap
Moxa uc-2222a-t-ap Firmware
Moxa uc-2222a-t-eu
Moxa uc-2222a-t-eu Firmware
Moxa uc-2222a-t-us
Moxa uc-2222a-t-us Firmware
Moxa uc-2222a-t Firmware
Moxa uc-3420a-t-lte
Moxa uc-3420a-t-lte Firmware
Moxa uc-3424a-t-lte
Moxa uc-3424a-t-lte Firmware
Moxa uc-3430a-t-lte-wifi
Moxa uc-3430a-t-lte-wifi Firmware
Moxa uc-3434a-t-lte-wifi
Moxa uc-3434a-t-lte-wifi Firmware
Moxa uc-4410a-t
Moxa uc-4410a-t Firmware
Moxa uc-4414a-i-t
Moxa uc-4414a-i-t Firmware
Moxa uc-4430a-t
Moxa uc-4430a-t Firmware
Moxa uc-4434a-i-t
Moxa uc-4434a-i-t Firmware
Moxa uc-4450a-t-5g
Moxa uc-4450a-t-5g Firmware
Moxa uc-4454a-t-5g
Moxa uc-4454a-t-5g Firmware
Moxa uc-8210-t-lx-s
Moxa uc-8210-t-lx-s Firmware
Moxa uc-8220-t-lx
Moxa uc-8220-t-lx-ap-s
Moxa uc-8220-t-lx-ap-s Firmware
Moxa uc-8220-t-lx-eu-s
Moxa uc-8220-t-lx-eu-s Firmware
Moxa uc-8220-t-lx-us-s
Moxa uc-8220-t-lx-us-s Firmware
Moxa uc-8220-t-lx Firmware
Moxa v1202-ct-t
Moxa v1202-ct-t Firmware
Moxa v1222-ct-t
Moxa v1222-ct-t Firmware
Moxa v1222-w-ct-t
Moxa v1222-w-ct-t Firmware
Moxa v2406c-kl1-ct-t
Moxa v2406c-kl1-ct-t Firmware
Moxa v2406c-kl1-t
Moxa v2406c-kl1-t Firmware
Moxa v2406c-kl3-t
Moxa v2406c-kl3-t Firmware
Moxa v2406c-kl5-t
Moxa v2406c-kl5-t Firmware
Moxa v2406c-kl7-ct-t
Moxa v2406c-kl7-ct-t Firmware
Moxa v2406c-kl7-t
Moxa v2406c-kl7-t Firmware
Moxa v2406c-wl1-ct-t
Moxa v2406c-wl1-ct-t Firmware
Moxa v2406c-wl1-t
Moxa v2406c-wl1-t Firmware
Moxa v2406c-wl3-t
Moxa v2406c-wl3-t Firmware
Moxa v2406c-wl5-t
Moxa v2406c-wl5-t Firmware
Moxa v2406c-wl7-ct-t
Moxa v2406c-wl7-ct-t Firmware
Moxa v2406c-wl7-t
Moxa v2406c-wl7-t Firmware
Metrics cvssV3_1

{'score': 6.8, 'vector': 'CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}

Fri, 06 Feb 2026 12:15:00 +0000

Type Values Removed Values Added
First Time appeared Moxa
Moxa uc-1200a Series
Vendors & Products Moxa
Moxa uc-1200a Series

Thu, 05 Feb 2026 18:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Thu, 05 Feb 2026 17:15:00 +0000

Type Values Removed Values Added
Description A physical attack vulnerability exists in certain Moxa industrial computers using TPM-backed LUKS full-disk encryption on Moxa Industrial Linux 3, where the discrete TPM is connected to the CPU via an SPI bus. Exploitation requires invasive physical access, including opening the device and attaching external equipment to the SPI bus to capture TPM communications. If successful, the captured data may allow offline decryption of eMMC contents. This attack cannot be performed through brief or opportunistic physical access and requires extended physical access, possession of the device, appropriate equipment, and sufficient time for signal capture and analysis. Remote exploitation is not possible.
Weaknesses CWE-319
References
Metrics cvssV4_0

{'score': 7, 'vector': 'CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}

Subscriptions

Moxa Uc-1200a Series Uc-1222a Uc-1222a Firmware Uc-2222a-t Uc-2222a-t-ap Uc-2222a-t-ap Firmware Uc-2222a-t-eu Uc-2222a-t-eu Firmware Uc-2222a-t-us Uc-2222a-t-us Firmware Uc-2222a-t Firmware Uc-3420a-t-lte Uc-3420a-t-lte Firmware Uc-3424a-t-lte Uc-3424a-t-lte Firmware Uc-3430a-t-lte-wifi Uc-3430a-t-lte-wifi Firmware Uc-3434a-t-lte-wifi Uc-3434a-t-lte-wifi Firmware Uc-4410a-t Uc-4410a-t Firmware Uc-4414a-i-t Uc-4414a-i-t Firmware Uc-4430a-t Uc-4430a-t Firmware Uc-4434a-i-t Uc-4434a-i-t Firmware Uc-4450a-t-5g Uc-4450a-t-5g Firmware Uc-4454a-t-5g Uc-4454a-t-5g Firmware Uc-8210-t-lx-s Uc-8210-t-lx-s Firmware Uc-8220-t-lx Uc-8220-t-lx-ap-s Uc-8220-t-lx-ap-s Firmware Uc-8220-t-lx-eu-s Uc-8220-t-lx-eu-s Firmware Uc-8220-t-lx-us-s Uc-8220-t-lx-us-s Firmware Uc-8220-t-lx Firmware V1202-ct-t V1202-ct-t Firmware V1222-ct-t V1222-ct-t Firmware V1222-w-ct-t V1222-w-ct-t Firmware V2406c-kl1-ct-t V2406c-kl1-ct-t Firmware V2406c-kl1-t V2406c-kl1-t Firmware V2406c-kl3-t V2406c-kl3-t Firmware V2406c-kl5-t V2406c-kl5-t Firmware V2406c-kl7-ct-t V2406c-kl7-ct-t Firmware V2406c-kl7-t V2406c-kl7-t Firmware V2406c-wl1-ct-t V2406c-wl1-ct-t Firmware V2406c-wl1-t V2406c-wl1-t Firmware V2406c-wl3-t V2406c-wl3-t Firmware V2406c-wl5-t V2406c-wl5-t Firmware V2406c-wl7-ct-t V2406c-wl7-ct-t Firmware V2406c-wl7-t V2406c-wl7-t Firmware
cve-icon MITRE

Status: PUBLISHED

Assigner: Moxa

Published:

Updated: 2026-02-05T17:28:18.287Z

Reserved: 2026-01-08T10:25:22.303Z

Link: CVE-2026-0714

cve-icon Vulnrichment

Updated: 2026-02-05T17:28:12.070Z

cve-icon NVD

Status : Analyzed

Published: 2026-02-05T17:16:13.203

Modified: 2026-02-18T17:55:46.557

Link: CVE-2026-0714

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-17T23:15:30Z

Weaknesses