V2406c Kl7 T Firmware
Monthly
Bootloader menu access in Moxa UC series industrial computers can be obtained by attackers with physical access using a device-unique password, potentially enabling temporary denial-of-service through firmware reflashing. The vulnerability is constrained by bootloader signature verification that prevents installation of unsigned firmware or arbitrary code execution. No patch is currently available for affected Linux and UC firmware versions.
TPM-backed LUKS encryption bypass in Moxa Industrial Linux 3 on select industrial computers allows an attacker with invasive physical access to the SPI bus to intercept TPM communications and decrypt eMMC storage contents offline. This attack requires opening the device and connecting specialized equipment for extended signal capture, making it impractical for opportunistic access scenarios. Affected products include V1222 Ct T, Uc 3430a T Lte Wifi, Uc 8220 T Lx, and Uc 4414a I T firmware variants.
Bootloader menu access in Moxa UC series industrial computers can be obtained by attackers with physical access using a device-unique password, potentially enabling temporary denial-of-service through firmware reflashing. The vulnerability is constrained by bootloader signature verification that prevents installation of unsigned firmware or arbitrary code execution. No patch is currently available for affected Linux and UC firmware versions.
TPM-backed LUKS encryption bypass in Moxa Industrial Linux 3 on select industrial computers allows an attacker with invasive physical access to the SPI bus to intercept TPM communications and decrypt eMMC storage contents offline. This attack requires opening the device and connecting specialized equipment for extended signal capture, making it impractical for opportunistic access scenarios. Affected products include V1222 Ct T, Uc 3430a T Lte Wifi, Uc 8220 T Lx, and Uc 4414a I T firmware variants.