Moxa has disclosed two critical vulnerabilities in its NPort serial device servers, affecting devices that bridge serial equipment to Ethernet networks. The more severe vulnerability, CVE-2026-10829, is a stack-based buffer overflow caused by poor input validation that allows attackers with valid credentials to achieve root control. The second flaw, CVE-2026-10828, is a format string issue that can leak sensitive memory contents and facilitate further exploitation.
Both vulnerabilities pose serious security risks in industrial settings. Affected devices include the NPort W2150A-W4 and W2250A-W4 Series running firmware version 1.5 or earlier. Patches have been released to mitigate these issues, and network security measures are advised until the patches are applied.