OTPulse
FeedAboutContact

Moxa CVE-2024-7695: Out-of-bounds Write Vulnerability Identified in Multiple PT Switches

Plan Patch8.7MPSA-240162Jan 29, 2025
Summary

Multiple Moxa PT switches (all versions) are vulnerable to an out-of-bounds write attack caused by insufficient input validation. An attacker can send a malicious network packet to overwrite memory outside the buffer's intended bounds, causing a denial-of-service condition that crashes the switch. The vulnerability is remotely exploitable without authentication and poses a significant operational risk if the switches are reachable from untrusted networks.

What this means
What could happen
An attacker could send a crafted network packet to crash a Moxa PT switch, disrupting communications and causing operational downtime for any devices connected through that switch.
Who's at risk
This vulnerability affects all versions of Moxa PT switches, which are commonly used in water systems, electric utilities, and other critical infrastructure for network switching and communications. Any facility relying on these switches for SCADA communications, remote terminal unit (RTU) connectivity, or inter-device communications is at risk of operational disruption.
How it could be exploited
An attacker sends a specially crafted network packet to a PT switch that lacks proper input validation. The packet causes an out-of-bounds memory write, triggering a denial-of-service condition that crashes the switch and halts all traffic passing through it.
Prerequisites
  • Network access to the affected PT switch on the network segment where it operates
  • No authentication required
  • No special configuration or credentials needed
remotely exploitableno authentication requiredlow complexityno patch availableaffects networked critical infrastructure
Exploitability
Low exploit probability (EPSS 0.2%)
Affected products (1)
ProductAffected VersionsFix Status
Multiple PT SwitchesAll versionsNo fix (EOL)
Remediation & Mitigation
0/4
Do now
0/2
WORKAROUNDIsolate affected Moxa PT switches from direct internet access and untrusted networks using firewall rules and network segmentation
HARDENINGDeploy network access controls (ACLs) to restrict which devices and networks can send packets to the PT switches
Mitigations - no patch available
0/2
Multiple PT Switches has reached End of Life. The vendor will not release a patch. Apply the following compensating controls:
HARDENINGMonitor Moxa security advisories for future patches or firmware updates
HARDENINGEvaluate timeline for replacing affected PT switches with patched models when vendor releases updates
View full Moxa Security advisory
โ†‘โ†“ Navigate ยท Esc Close
API: /api/v1/advisories/4544bc45-0288-4812-896d-b5da16e76b27
Moxa CVE-2024-7695: Out-of-bounds Write Vulnerability Identified in Multiple PT Switches | CVSS 8.7 - OTPulse