Unquoted Search Path Vulnerability in Moxa Industrial Computers
CVE-2025-5191

7.3 HIGH

What is CVE-2025-5191?

A vulnerability has been discovered in the SerialInterfaceService.exe utility for Moxa's industrial computers running Windows. The unquoted path configuration allows a local attacker, with limited privileges, to exploit the system by placing a malicious executable in a higher-priority directory within the search path. When the Serial Interface service is initiated, the malicious executable may execute with SYSTEM privileges, facilitating privilege escalation and potentially allowing the attacker to maintain persistent access to the affected system. This vulnerability poses significant risks to the device's operational integrity, although it does not directly compromise other systems.
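As an added example (not Moxa's code and not part of the original advisory), the following audit helper flags service `ImagePath` values that are unquoted and contain spaces, and lists the parent directories whose write permissions should be reviewed. The service names and paths are constructed samples, since the advisory does not state where SerialInterfaceService.exe is installed; the `.exe` boundary heuristic is an assumption.

```python
import re
from ntpath import dirname  # Windows path rules, works on any OS

# Assumption: the executable ends at the first ".exe" followed by
# whitespace or end of string; anything after that is arguments.
_EXE_END = re.compile(r"\.exe(?=\s|$)", re.IGNORECASE)

def executable_part(image_path):
    """Return the executable portion of an unquoted ImagePath."""
    m = _EXE_END.search(image_path)
    return image_path[:m.end()] if m else image_path

def dirs_to_audit(image_path):
    """Return directories to ACL-check for an unquoted path with spaces.

    Windows resolves such a path by trying each space-delimited prefix in
    turn, so every parent directory of a prefix must deny writes to
    non-administrators. Quoted or space-free paths return [].
    """
    path = image_path.strip()
    if path.startswith('"'):
        return []
    exe = executable_part(path)
    dirs = []
    for i, ch in enumerate(exe):
        if ch == " ":
            parent = dirname(exe[:i])
            if parent not in dirs:
                dirs.append(parent)
    return dirs

def find_unquoted(services):
    """Map service name -> directories to audit, for flagged services only."""
    flagged = {}
    for name, image_path in services.items():
        dirs = dirs_to_audit(image_path)
        if dirs:
            flagged[name] = dirs
    return flagged

# Constructed sample data. On a live host these values are the ImagePath
# entries under HKLM\SYSTEM\CurrentControlSet\Services\<name>.
SAMPLE = {
    "ExampleSerialSvc": r"C:\Program Files\Example Vendor\Serial Tool\ExampleService.exe -run",
    "QuotedSvc": r'"C:\Program Files\Example Vendor\Agent\agent.exe" --service',
    "NoSpaceSvc": r"C:\Windows\System32\svchost.exe -k netsvcs",
}

if __name__ == "__main__":
    for svc, dirs in find_unquoted(SAMPLE).items():
        print(svc, "->", dirs)
```

Any flagged service should have its `ImagePath` wrapped in double quotes, and the listed directories should not be writable by non-administrative users.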

Affected Version(s)

  • Utility for DRP-A100 Series, Windows 10 IoT Enterprise LTSC 2021: 1.0 <= 1.1

  • Utility for DRP-A100 Series, Windows 11 IoT Enterprise LTSC 2024: 1.0

  • Utility for DRP-C100 Series, Windows 10 IoT Enterprise LTSC 2021: 1.0 <= 1.1

CVSS V4

Score: 7.3
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Local
Attack Complexity: Low
Attack Required: Physical
Privileges Required: Undefined
User Interaction: None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Anni Tuulinen