Insufficient Access Control Vulnerability in Moxa’s Industrial x86 Computers
CVE-2026-4483

7HIGH

Key Information:

Vendor: Moxa
Status: Mxgeneralio
Vendor: CVE Published:; 8 April 2026

What is CVE-2026-4483?

An exposed IOCTL vulnerability has been found in the MxGeneralIo utility for Moxa’s industrial x86 computers, which allows high-privileged local attackers to execute unauthorized operations. This vulnerability permits direct read and write access to MSR and system memory, with the potential for privilege escalation on Windows 7 systems. On Windows 10 and 11, successful exploitation could lead to system crashes, resulting in a denial-of-service condition. While the vulnerability has a minimal impact on confidentiality and integrity, it significantly compromises availability.

Affected Version(s)

MxGeneralIo Windows 10 1.0 < 1.5.0

MxGeneralIo Windows 7 x64 1.0 < 1.4.0

MxGeneralIo Windows 7 x86 1.0 < 1.4.0

References

https://www.moxa.com/en/support/product-support/security-...

vendor-advisory

CVSS V4

Score:

Severity:

HIGH

Confidentiality:

Low

Integrity:

Low

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 8, 2026
Vulnerability Reserved
Mar 20, 2026

Credit

Jason Huang from TXOne Networks Inc.

CVE-2026-4483 Data

JSON