Physical Attack Vulnerability in Moxa Industrial Computers
CVE-2026-0714

7HIGH

Key Information:

Vendor: Moxa
Status: Uc-1200a Series
Vendor: CVE Published:; 5 February 2026

What is CVE-2026-0714?

A vulnerability exists in Moxa industrial computers that utilize TPM-backed LUKS full-disk encryption. This issue arises from the configuration of the discrete TPM, which is connected to the CPU via an SPI bus. To exploit this vulnerability, an attacker must have prolonged physical access to the device, capable of opening it and attaching external equipment to the SPI bus. Successful exploitation allows the capture of TPM communications, potentially enabling offline decryption of eMMC contents. It is essential to note that this type of attack cannot be executed through brief or opportunistic means; it requires dedicated time and resources to analyze the captured signals effectively.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

UC-1200A Series 1.0 <= 1.4

References

https://www.moxa.com/en/support/product-support/security-...

vendor-advisory

CVSS V4

Score:

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Physical

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Timeline

Vulnerability published
Feb 5, 2026
Vulnerability Reserved
Jan 8, 2026

Credit

Cyloq

JSON

Moxa

What is CVE-2026-0714?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V4

Timeline

Credit

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.