PatchSiren

PatchSiren cyber security CVE debrief

CVE-2016-8379 Moxa CVE debrief

CVE-2016-8379 affects multiple Moxa ioLogik E1200- and E2200-series firmware branches where users are restricted to using short passwords. The available record marks the issue as HIGH severity (CVSS 8.1) and network reachable, with no privileges or user interaction required, but with higher attack complexity. For OT and industrial environments, the main risk is that weak credential policy can materially reduce the security of remotely accessible management interfaces and increase the chance of unauthorized access if the device is exposed or poorly segmented.

Vendor
Moxa
Product
CVE-2016-8379
CVSS
HIGH 8.1
CISA KEV
Not listed in stored evidence
Original CVE published
2017-02-13
Original CVE updated
2026-05-13
Advisory published
2017-02-13
Advisory updated
2026-05-13

Who should care

Operators, integrators, and security teams responsible for Moxa ioLogik E1210/E1211/E1212/E1213/E1214/E1240/E1241/E1242/E1260/E1262 and E2210/E2212/E2214/E2240/E2242/E2260/E2262 devices running the affected firmware ranges. OT environments with remote management access, flat network segmentation, or shared administrative workflows should treat this as especially relevant.

Technical summary

The NVD description states that affected Moxa ioLogik firmware restricts users to short passwords across several product/firmware branches. The provided CVSS vector is CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H, indicating a network-reachable issue with no required privileges or user interaction, but with higher-than-usual attack complexity. The source corpus lists vulnerable firmware ranges including E1210 up to V2.4, E1211 up to V2.3, E1212 up to V2.4, E1213 up to V2.5, E1214 up to V2.4, E1240 up to V2.3, E1241 up to V2.4, E1242 up to V2.4, E1260 up to V2.4, E1262 up to V2.4, and E2210 up to V3.13, E2212 up to V3.14, E2214 up to V3.12, E2240 up to V3.12, E2242 up to V3.12, E2260 up to V3.13, and E2262 up to V3.12.

Defensive priority

High. The issue affects industrial control equipment and is reachable over the network, so affected assets should be inventoried and remediated promptly. Because attack complexity is rated High, prioritize systems that are exposed beyond tightly controlled OT management networks, especially any device reachable from enterprise IT or the internet.

Recommended defensive actions

  • Inventory all Moxa ioLogik E1200- and E2200-series devices and compare installed firmware against the vulnerable ranges listed in the advisory and NVD record.
  • Apply vendor firmware updates that supersede the affected versions for each model family.
  • If patching is not immediately possible, isolate device management interfaces with OT segmentation, ACLs, VPN or jump-host access, and source-IP restrictions.
  • Review and strengthen credential controls where the platform supports them; if short-password limitations cannot be eliminated, compensate with stronger network access controls and administrative separation.
  • Check configuration and access logs for unexpected changes or unauthorized management activity, and investigate or reimage devices if compromise is suspected.

Evidence notes

This debrief is limited to the supplied NVD record and the linked advisory references. The record’s description explicitly says users are restricted to using short passwords, and the CVSS vector is AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H. The source corpus also provides affected firmware ranges for the listed ioLogik models. No fixed firmware version is included in the supplied text. PublishedAt is 2017-02-13 and ModifiedAt is 2026-05-13; those are record dates, not the vulnerability’s original occurrence date.

Official resources

CVE published by NVD on 2017-02-13 and modified on 2026-05-13. The provided enrichment does not mark it as a Known Exploited Vulnerability, and no ransomware linkage is indicated in the supplied corpus.