Moxa Uc-2222A-T-Ap Firmware vulnerabilities

CVE-2026-0714 [HIGH] CWE-319 CVE-2026-0714: A physical attack vulnerability exists in certain Moxa industrial computers using TPM-backed LUKS fu A physical attack vulnerability exists in certain Moxa industrial computers using TPM-backed LUKS full-disk encryption on Moxa Industrial Linux 3, where the discrete TPM is connected to the CPU via an SPI bus. Exploitation requires invasive physical access, including opening the device and attaching external equipment to the SPI bus to capture TPM commu

CVE-2026-0715 [HIGH] CWE-522 CVE-2026-0715: Moxa Arm-based industrial computers running Moxa Industrial Linux Secure use a device-unique bootloa Moxa Arm-based industrial computers running Moxa Industrial Linux Secure use a device-unique bootloader password provided on the device. An attacker with physical access to the device could use this information to access the bootloader menu via a serial interface. Access to the bootloader menu does not allow full system takeover or privilege escalation.