Skip to main content

Uc 8220 T Lx Firmware

5 CVEs product

Monthly

CVE-2026-0715 MEDIUM This Month

Bootloader menu access in Moxa UC series industrial computers can be obtained by attackers with physical access using a device-unique password, potentially enabling temporary denial-of-service through firmware reflashing. The vulnerability is constrained by bootloader signature verification that prevents installation of unsigned firmware or arbitrary code execution. No patch is currently available for affected Linux and UC firmware versions.

Linux Privilege Escalation V1202 Ct T Firmware Uc 3424a T Lte Firmware V2406c Wl1 Ct T Firmware +32
NVD
CVSS 3.1
6.8
EPSS
0.0%
CVE-2026-0714 MEDIUM POC This Month

TPM-backed LUKS encryption bypass in Moxa Industrial Linux 3 on select industrial computers allows an attacker with invasive physical access to the SPI bus to intercept TPM communications and decrypt eMMC storage contents offline. This attack requires opening the device and connecting specialized equipment for extended signal capture, making it impractical for opportunistic access scenarios. Affected products include V1222 Ct T, Uc 3430a T Lte Wifi, Uc 8220 T Lx, and Uc 4414a I T firmware variants.

Linux V1222 Ct T Firmware Uc 3430a T Lte Wifi Firmware Uc 8220 T Lx Firmware Uc 4414a I T Firmware +31
NVD GitHub
CVSS 3.1
6.8
EPSS
0.0%
CVE-2023-1257 MEDIUM This Month

An attacker with physical access to the affected Moxa UC Series devices can initiate a restart of the device and gain access to its BIOS. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Uc 2101 Lx Firmware Uc 2102 Lx Firmware Uc 2102 T Lx Firmware Uc 2104 Lx Firmware +50
NVD
CVSS 3.1
6.8
EPSS
0.3%
CVE-2022-3086 HIGH This Week

Cradlepoint IBR600 NCOS versions 6.5.0.160bc2e and prior are vulnerable to shell escape, which enables local attackers with non-superuser credentials to gain full, unrestrictive shell access which. Rated high severity (CVSS 7.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Command Injection Uc 8580 T Lx Firmware Uc 8580 T Ct Lx Firmware Uc 8580 T Q Lx Firmware +47
NVD
CVSS 3.1
7.6
EPSS
0.3%
CVE-2022-3088 HIGH This Week

UC-8100A-ME-T System Image: Versions v1.0 to v1.6, UC-2100 System Image: Versions v1.0 to v1.12, UC-2100-W System Image: Versions v1.0 to v 1.12, UC-3100 System Image: Versions v1.0 to. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Debian Uc 2101 Lx Firmware Uc 2102 Lx Firmware Uc 2104 Lx Firmware +61
NVD
CVSS 3.1
7.8
EPSS
0.2%
EPSS 0% CVSS 6.8
MEDIUM This Month

Bootloader menu access in Moxa UC series industrial computers can be obtained by attackers with physical access using a device-unique password, potentially enabling temporary denial-of-service through firmware reflashing. The vulnerability is constrained by bootloader signature verification that prevents installation of unsigned firmware or arbitrary code execution. No patch is currently available for affected Linux and UC firmware versions.

Linux Privilege Escalation V1202 Ct T Firmware +34
NVD
EPSS 0% CVSS 6.8
MEDIUM POC This Month

TPM-backed LUKS encryption bypass in Moxa Industrial Linux 3 on select industrial computers allows an attacker with invasive physical access to the SPI bus to intercept TPM communications and decrypt eMMC storage contents offline. This attack requires opening the device and connecting specialized equipment for extended signal capture, making it impractical for opportunistic access scenarios. Affected products include V1222 Ct T, Uc 3430a T Lte Wifi, Uc 8220 T Lx, and Uc 4414a I T firmware variants.

Linux V1222 Ct T Firmware Uc 3430a T Lte Wifi Firmware +33
NVD GitHub
EPSS 0% CVSS 6.8
MEDIUM This Month

An attacker with physical access to the affected Moxa UC Series devices can initiate a restart of the device and gain access to its BIOS. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Uc 2101 Lx Firmware Uc 2102 Lx Firmware +52
NVD
EPSS 0% CVSS 7.6
HIGH This Week

Cradlepoint IBR600 NCOS versions 6.5.0.160bc2e and prior are vulnerable to shell escape, which enables local attackers with non-superuser credentials to gain full, unrestrictive shell access which. Rated high severity (CVSS 7.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Command Injection Uc 8580 T Lx Firmware +49
NVD
EPSS 0% CVSS 7.8
HIGH This Week

UC-8100A-ME-T System Image: Versions v1.0 to v1.6, UC-2100 System Image: Versions v1.0 to v1.12, UC-2100-W System Image: Versions v1.0 to v 1.12, UC-3100 System Image: Versions v1.0 to. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Debian Uc 2101 Lx Firmware +63
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy