Vulnerability in Moxa Mxsecurity Series

CVE-2025-9315

An unauthenticated device registration vulnerability, caused by Improperly Controlled Modification of Dynamically-Determined Object Attributes, has been identified in the MXsecurity Series. An unauthenticated remote attacker can exploit th…

Vulnerability class: Mass Assignment

EPSS: 0.002 (41.4th percentile) — read the EPSS interpretation.

Affected products

Moxa Mxsecurity Series — versions 1.0, 2.3.1

Weakness classification (CWE)

CWE-915 — Improperly Controlled Modification of Dynamically-Determined Object Attributes

References

www.moxa.com/en/support/product-support/security-advisory/mpsa-252631-cve-2025-… (vendor-advisory)