As of June 15, 2022, this site no longer supports Internet Explorer. Please use another browser for the best experience on our site.
Sign In
Home Support Security Advisories CVE-2026-4483: Exposed IOCTL With Insufficient Access Control Vulnerability in the Utility, MxGenera

Product support

Security Advisories

Please sign in

Forgot your password?
Sign In
Remember Me.
Not a member? Sign up now
SUMMARY

CVE-2026-4483: Exposed IOCTL With Insufficient Access Control Vulnerability in the Utility, MxGeneralIo, for Industrial x86 Computers

This security advisory addresses one vulnerability identified in the utility, MxGeneralIo, for Moxa’s industrial x86 computers.

CVE-2026-4483

An exposed IOCTL with an  insufficient access control vulnerability has been identified in the utility, MxGeneralIo, for Moxa’s industrial x86 computers. The affected utility, MxGeneralIo, exposes IOCTL methods that permit direct read and write access to MSR and system memory. A local attacker with high privileges could abuse these interfaces to perform unauthorized operations. Successful exploitation may result in privilege escalation on Windows 7 systems or cause a system crash (BSoD) on Windows 10 and 11 systems, leading to a denial-of-service condition. The vulnerability could slightly affect the confidentiality and integrity of the device, but availability might be heavily impacted. No impact to the subsequent system has been identified.

Given the high severity of this issue, users should apply the solutions immediately to reduce security risks.

 

The Identified Vulnerability Type and Potential Impact 

CVE ID Vulnerability Type Impact
CVE-2026-4483

CWE-782: Exposed IOCTL with Insufficient Access Control

 CAPEC-122: Privilege Abuse

Vulnerability Scoring Details 

CVE ID
Base Score
Vector
 Severity

Unauthenticated

Remote Exploits
CVE-2026-4483

CVSS 4.0: 7.0

AV:N/AC:L/AT:N/PR:H/UI:N/

VC:L/VI:L/VA:H/SC:N/SI:N/SA:N

 High No
AFFECTED PRODUCTS AND SOLUTIONS

Solutions

Moxa has developed appropriate solutions to address the vulnerability. The solutions for the affected products are listed in the following table: 

Product Series Affected Versions Solutions

BXP Series

  • BXP-A100 Series

  • BXP-A101 Series

  • BXP-C100 Series

Utility MxGeneralIo

  • Windows 7: before v1.4.0
  • Windows 10: before v1.5.0
  • Windows 11: before v1.5.0

Please contact Moxa Technical Support for the security patch.

  • MxGeneralIo_Win7_V1.4.0_x86
  • MxGeneralIo_Win7_V1.4.0_x64
  • MxGeneralIo_V1.5.0_W10_W11

DA Series

  • DA-680 Series

  • DA-820E Series
  • DA-681C Series
  • DA-682C Series
  • DA-720 Series
  • DA-820C Series

Utility MxGeneralIo

  • Windows 7: before v1.4.0
  • Windows 10: before v1.5.0
  • Windows 11: before v1.5.0

Please contact Moxa Technical Support for the security patch.

  • MxGeneralIo_Win7_V1.4.0_x86
  • MxGeneralIo_Win7_V1.4.0_x64
  • MxGeneralIo_V1.5.0_W10_W11

DRP Series

  • DRP-A100 Series
  • DRP-C100 Series

Utility MxGeneralIo

  • Windows 7: before v1.4.0
  • Windows 10: before v1.5.0
  • Windows 11: before v1.5.0

Please contact Moxa Technical Support for the security patch.

  • MxGeneralIo_Win7_V1.4.0_x86
  • MxGeneralIo_Win7_V1.4.0_x64
  • MxGeneralIo_V1.5.0_W10_W11

MC Series

  • MC-1100 Series
  • MC-1200 Series
  • MC-3201 Series
  • MC-7400 Series

Utility MxGeneralIo

  • Windows 7: before v1.4.0
  • Windows 10: before v1.5.0
  • Windows 11: before v1.5.0

Please contact Moxa Technical Support for the security patch.

  • MxGeneralIo_Win7_V1.4.0_x86
  • MxGeneralIo_Win7_V1.4.0_x64
  • MxGeneralIo_V1.5.0_W10_W11

V Series

  • V2201 Series
  • V2403C Series
  • V2406C Series

  • V3200 Series

  • V3400 Series

Utility MxGeneralIo

  • Windows 7: before v1.4.0
  • Windows 10: before v1.5.0
  • Windows 11: before v1.5.0

Please contact Moxa Technical Support for the security patch.

  • MxGeneralIo_Win7_V1.4.0_x86
  • MxGeneralIo_Win7_V1.4.0_x64
  • MxGeneralIo_V1.5.0_W10_W11

RKP Series

  • RKP-A110 Series
  • RKP-C110 Series
  • RKP-C220 Series

Utility MxGeneralIo

  • Windows 7: before v1.4.0
  • Windows 10: before v1.5.0
  • Windows 11: before v1.5.0

Please contact Moxa Technical Support for the security patch.

  • MxGeneralIo_Win7_V1.4.0_x86
  • MxGeneralIo_Win7_V1.4.0_x64
  • MxGeneralIo_V1.5.0_W10_W11

EXPC Series

  • EXPC-F2120W Series
  • EXPC-F2150W Series

Utility MxGeneralIo

  • Windows 7: before v1.4.0
  • Windows 10: before v1.5.0
  • Windows 11: before v1.5.0

Please contact Moxa Technical Support for the security patch.

  • MxGeneralIo_Win7_V1.4.0_x86
  • MxGeneralIo_Win7_V1.4.0_x64
  • MxGeneralIo_V1.5.0_W10_W11

MPC Series

  • MPC-2070 Series
  • MPC-2101 Series
  • MPC-2120 Series
  • MPC-2121 Series
  • MPC-3070W Series
  • MPC-3100 Series
  • MPC-3120 Series
  • MPC-3120W Series
  • MPC-3150 Series
  • MPC-3150W Series

Utility MxGeneralIo

  • Windows 7: before v1.4.0
  • Windows 10: before v1.5.0
  • Windows 11: before v1.5.0

Please contact Moxa Technical Support for the security patch.

  • MxGeneralIo_Win7_V1.4.0_x86
  • MxGeneralIo_Win7_V1.4.0_x64
  • MxGeneralIo_V1.5.0_W10_W11

 

Mitigations

For users who may not be able to perform an update, we provide the following recommended mitigation measures as an alternative to mitigate the risk associated with the vulnerability.

  • Refer to the General Security Recommendations section to further strengthen your security context.

 

General Security Recommendations

To safeguard devices and networks, we recommend implementing the following recommendations to mitigate potential risks:

  1. Restrict Network Access
    • Use firewalls or access control lists (ACLs) to limit communication to trusted IP addresses and networks.
    • Segregate operational networks from other networks (e.g., enterprise networks) using VLANs or physical separation.
  2. Minimize Exposure
    • Avoid exposing devices directly to the Internet.
    • Disable unused network services and ports to reduce the attack surface.
  3. Enhance Device Authentication and Access Control
    • Implement multi-factor authentication (MFA) for accessing critical systems.
    • Use role-based access control (RBAC) to enforce the principle of least privilege.
  4. Regularly Update Firmware and Software
    • Keep devices updated with the latest firmware versions and security patches.
    • Establish a regular patch management schedule to address newly identified vulnerabilities.
  5. Secure Remote Access
    • Use encrypted communication protocols (e.g., VPN, SSH) for remote access.
    • Restrict remote access to authorized personnel only and enforce strong authentication mechanisms.
  6. Implement Anomaly Detection Techniques
    • Monitor network traffic and device behavior for unusual or unauthorized activities.
    • Use tools or techniques that can identify anomalies and provide alerts for potential threats.
  7. Implement Logging and Monitoring
    • Enable event logging and maintain audit trails on devices.
    • Regularly review logs for anomalies and unauthorized access attempts.
  8. Conduct Regular Security Assessments
    • Perform vulnerability assessments to identify potential risks.
    • Regularly review device configurations to ensure compliance with security policies.

 

Acknowledgement

We would like to express our gratitude to Jason Huang from TXOne Network Inc. for reporting the vulnerability, collaborating with us to enhance the security of our products, and contributing to our efforts to deliver better service to our customers.

 

Revision History:

VERSION DESCRIPTION RELEASE DATE
1.0 First release April 8, 2026

Relevant Products

BXP-A100 Series · BXP-A101 Series · BXP-C100 Series · DA-680 Series · DA-681C Series · DA-682C Series · DA-720 Series · DA-820C Series · DA-820E Series · DRP-A100 Series · DRP-C100 Series · EXPC-F2120W Series · EXPC-F2150W Series · MC-1100 Series · MC-1200 Series · MC-3201 Series · MC-7400 Series · MPC-2070 Series · MPC-2101 Series · MPC-2120 Series · MPC-2121 Series · MPC-3070W Series · MPC-3100 Series · MPC-3120 Series · MPC-3120W Series · MPC-3150 Series · MPC-3150W Series · RKP-A110 Series · RKP-C110 Series · RKP-C220 Series · V2201 Series · V2403C Series · V2406C Series · V3200 Series · V3400 Series ·

  •   Print this page

  • Save
    You can manage and share your saved list in My Moxa
Related Advisories
Let’s get that fixed

If you are concerned about a potential cybersecurity vulnerability, please contact us and one of technical support staff will get in touch with you.

Report a Vulnerability
 
 
Added To Bag

View Bag
You have some items waiting in your bag; click here to finish your quote!

You are currently on the Global / English site.
Would you like to go to the site for your region?

Feedback