PatchSiren cyber security CVE debrief

CVE-2016-8362 Moxa CVE debrief

CVE-2016-8362 is an access-control weakness in multiple Moxa wireless/industrial networking product firmware families. According to the vulnerability description, a user could download log files by accessing a specific URL. NVD assigns the issue CVSS 3.0 6.5 (Medium) and maps it to CWE-287, indicating an authentication/authorization failure that can expose sensitive information.

Vendor: Moxa
Product: CVE-2016-8362
CVSS: MEDIUM 6.5
CISA KEV: Not listed in stored evidence
Original CVE published: 2017-02-13
Original CVE updated: 2026-05-13
Advisory published: 2017-02-13
Advisory updated: 2026-05-13

Who should care

Operators and administrators of affected Moxa OnCell and AWK/WAC/TAP devices, especially teams responsible for remote management, firmware updates, and network segmentation in industrial or operational technology environments.

Technical summary

NVD lists affected firmware for several Moxa product families, including OnCell G3470A-LTE, AWK-1131A/3131A/4131A, AWK-3191, AWK-5232/6232, AWK-1121/1127, WAC-1001 V2, WAC-2004, AWK-3121-M12-RTG, AWK-3131-M12-RCC, AWK-5232-M12-RCC, TAP-6226, AWK-3121/4121, AWK-3131/4131, and AWK-5222/6222. The NVD vector is AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N, which is consistent with a network-reachable issue requiring low privileges and primarily affecting confidentiality. The supplied description specifically says a user could download log files by visiting a particular URL.

Defensive priority

Medium. The issue is network-reachable and can expose confidential log data, but the supplied severity is CVSS 6.5 and there is no integrity or availability impact indicated in the NVD vector.

Recommended defensive actions

Inventory Moxa devices and firmware versions against the affected product families listed by NVD.
Apply vendor-provided firmware updates or mitigation guidance referenced in the ICS-CERT advisory and NVD record.
Restrict management interfaces and log-access endpoints to trusted administration networks only.
Review exposed web interfaces on affected devices for unexpected direct-access URLs to sensitive files.
Segment OT/industrial networking equipment from general user networks and monitor for unauthorized access to device administration pages.
Validate that log files do not contain credentials, tokens, or other sensitive operational data before and after remediation.

Evidence notes

This debrief is based only on the supplied CVE/NVD corpus and the listed official references. The core facts used are: the vulnerability description stating that any user can download log files by accessing a specific URL; NVD CVSS 3.0 vector AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N; CWE-287; the affected Moxa firmware CPE entries in NVD; and the official references to the CVE record, NVD detail, and ICS-CERT advisory ICSA-16-308-01. No exploit steps or unsupported operational details are included.

Official resources

CVE-2016-8362 CVE record
CVE.org
CVE-2016-8362 NVD detail
NVD
Source item URL
nvd_modified
Mitigation or vendor reference
[email protected] - Third Party Advisory, VDB Entry
Mitigation or vendor reference
[email protected] - Third Party Advisory, US Government Resource

The CVE was published in the supplied record on 2017-02-13T21:59:01.050Z and modified on 2026-05-13T00:24:29.033Z. Those dates are used here only as record timing context, not as the date of exploitation or discovery beyond what the source.