CVE-2025-5191

An Unquoted Search Path vulnerability has been identified in the utility for Moxa’s industrial computers (Windows). Due to the unquoted path configuration in the SerialInterfaceService.exe utility, a local attacker with limited privileges could place a malicious executable in a higher-priority directory within the search path. When the Serial Interface service starts, the malicious executable could be run with SYSTEM privileges. Successful exploitation could allow privilege escalation or enable an attacker to maintain persistence on the affected system. While successful exploitation can severely impact the confidentiality, integrity, and availability of the affected device itself, there is no loss of confidentiality, integrity, or availability within any subsequent systems.

CVSS

No CVSS.

References

Link	Resource
https://www.moxa.com/en/support/product-support/security-advisory/mpsa-256421-cve-2025-5191-unquoted-search-path-vulnerability-in-the-utility-for-industrial-computers-(windows)

Configurations

No configuration.

History

25 Aug 2025, 20:24

Type	Values Removed	Values Added
Summary		(es) Se ha identificado una vulnerabilidad de ruta de búsqueda sin comillas en la utilidad para ordenadores industriales de Moxa (Windows). Debido a la configuración de la ruta sin comillas en la utilidad SerialInterfaceService.exe, un atacante local con privilegios limitados podría colocar un ejecutable malicioso en un directorio de mayor prioridad dentro de la ruta de búsqueda. Al iniciarse el servicio de interfaz serie, el ejecutable malicioso podría ejecutarse con privilegios de SYSTEM. Una explotación exitosa podría permitir la escalada de privilegios o permitir que un atacante mantenga la persistencia en el sistema afectado. Si bien una explotación exitosa puede afectar gravemente la confidencialidad, integridad y disponibilidad del dispositivo afectado, no se produce pérdida de confidencialidad, integridad ni disponibilidad en los sistemas posteriores.

25 Aug 2025, 08:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-08-25 08:15

Updated : 2025-08-25 20:24

NVD link : CVE-2025-5191

Mitre link : CVE-2025-5191

CVE.ORG link : CVE-2025-5191

JSON object : View

Products Affected

No product.

CWE

CWE-428

Unquoted Search Path or Element

{"id": "CVE-2025-5191", "cveTags": [], "metrics": {"cvssMetricV40": [{"type": "Secondary", "source": "psirt@moxa.com", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 7.3, "Automatable": "NOT_DEFINED", "attackVector": "LOCAL", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "privilegesRequired": "LOW", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2025-08-25T08:15:30.047", "references": [{"url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-256421-cve-2025-5191-unquoted-search-path-vulnerability-in-the-utility-for-industrial-computers-(windows)", "source": "psirt@moxa.com"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "psirt@moxa.com", "description": [{"lang": "en", "value": "CWE-428"}]}], "descriptions": [{"lang": "en", "value": "An Unquoted Search Path vulnerability has been identified in the utility for Moxa\u2019s industrial computers (Windows). Due to the unquoted path configuration in the SerialInterfaceService.exe utility, a local attacker with limited privileges could place a malicious executable in a higher-priority directory within the search path. When the Serial Interface service starts, the malicious executable could be run with SYSTEM privileges. Successful exploitation could allow privilege escalation or enable an attacker to maintain persistence on the affected system. While successful exploitation can severely impact the confidentiality, integrity, and availability of the affected device itself, there is no loss of confidentiality, integrity, or availability within any subsequent systems."}, {"lang": "es", "value": "Se ha identificado una vulnerabilidad de ruta de b\u00fasqueda sin comillas en la utilidad para ordenadores industriales de Moxa (Windows). Debido a la configuraci\u00f3n de la ruta sin comillas en la utilidad SerialInterfaceService.exe, un atacante local con privilegios limitados podr\u00eda colocar un ejecutable malicioso en un directorio de mayor prioridad dentro de la ruta de b\u00fasqueda. Al iniciarse el servicio de interfaz serie, el ejecutable malicioso podr\u00eda ejecutarse con privilegios de SYSTEM. Una explotaci\u00f3n exitosa podr\u00eda permitir la escalada de privilegios o permitir que un atacante mantenga la persistencia en el sistema afectado. Si bien una explotaci\u00f3n exitosa puede afectar gravemente la confidencialidad, integridad y disponibilidad del dispositivo afectado, no se produce p\u00e9rdida de confidencialidad, integridad ni disponibilidad en los sistemas posteriores."}], "lastModified": "2025-08-25T20:24:45.327", "sourceIdentifier": "psirt@moxa.com"}