Multiple vulnerabilities found in Moxa NPort devices could allow attackers to elevate privileges, cause remote denial of service, and compromise data integrity. The advisory identifies issues that can affect NPort 5000 Series (all versions lacking physical access protection) and NPort 6100 models prior to version 1.1.0. It lists four CVE identifiers—CVE‑2025‑15017, CVE‑2025‑1977, CVE‑2025‑2026, and a related vulnerability in the MPSA‑251731 advisory. The affected systems may experience data integrity loss, confidentiality breaches, and remote service disruption. The advisory recommends applying patches published in the vendor’s security bulletins (MPSA‑251731 and MPSA‑257331). Operators should review the provided links for detailed remediation steps.
Summary of content from
https://www.cert.ssi.gouv.fr/avis/CERTFR-2025-AVI-1142/
Made by AI. If you spot anything of concern write us at contact@cybach.com. We’ll promptly correct irregularities.