PatchSiren cyber security CVE debrief
CVE-2016-8363 Moxa CVE debrief
CVE-2016-8363 is a critical Moxa firmware vulnerability affecting multiple OnCell, AWK, WAC, and TAP product families. NVD rates it CVSS 3.0 10.0 with network attack vector, no privileges, no user interaction, and a changed scope impact. The disclosed impact is arbitrary OS command execution on the server/device, which can lead to full compromise of confidentiality, integrity, and availability.
- Vendor
- Moxa
- Product
- CVE-2016-8363
- CVSS
- CRITICAL 10
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2017-02-13
- Original CVE updated
- 2026-05-13
- Advisory published
- 2017-02-13
- Advisory updated
- 2026-05-13
Who should care
Organizations operating any of the affected Moxa industrial wireless devices and firmware listed in NVD, especially teams responsible for OT/ICS network infrastructure, remote access gateways, and industrial Wi-Fi deployments.
Technical summary
NVD describes the issue as arbitrary OS command execution on the server. The vulnerability is scored CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H, indicating remotely reachable exploitation with no authentication or user interaction required and potential impact beyond the vulnerable component. NVD maps the weakness to CWE-264. Affected firmware coverage in NVD includes versions up to 10-31-2016 for the OnCellG3470A-LTE, AWK-4131A, AWK-3131A, and AWK-1131A firmware, and versions up to 05-30-2017 or 06-29-2017 for the other listed AWK/WAC families.
Defensive priority
Critical. This is a remote, unauthenticated command-execution issue with full CIA impact across multiple industrial device families.
Recommended defensive actions
- Identify whether any of the listed Moxa device families are deployed in your environment.
- Inventory firmware versions and compare them against the affected version end dates listed in NVD.
- Apply vendor-recommended remediation or firmware updates referenced by ICS-CERT advisory ICSA-16-308-01 and the NVD record.
- If immediate patching is not possible, isolate affected devices on restricted management networks and limit administrative access.
- Review logs and device configuration for unexpected changes consistent with command execution or device takeover.
- Prioritize exposure reduction for any affected devices reachable from untrusted or broader enterprise networks.
Evidence notes
CVE published by NVD on 2017-02-13T21:59:01.080Z; NVD modified record on 2026-05-13T00:24:29.033Z. NVD references include ICS-CERT advisory ICSA-16-308-01 and SecurityFocus BID 94092. The NVD CPE list marks affected firmware for multiple Moxa products, with version end dates of 10-31-2016, 05-30-2017, and 06-29-2017 depending on product family.
Official resources
-
CVE-2016-8363 CVE record
CVE.org
-
CVE-2016-8363 NVD detail
NVD
-
Source item URL
nvd_modified
-
Mitigation or vendor reference
[email protected] - Third Party Advisory, VDB Entry
-
Mitigation or vendor reference
[email protected] - Third Party Advisory, US Government Resource
Publicly disclosed in the CVE/NVD record on 2017-02-13. The NVD record also points to ICS-CERT advisory ICSA-16-308-01 and SecurityFocus BID 94092 as supporting references.