OTPulse
FeedAboutContact

Moxa CVE-2024-7695: Out-of-bounds Write Vulnerability Identified in EN 50155 Switches

Plan Patch8.7MPSA-240164Feb 22, 2025
Summary

EN 50155 Switches contain an out-of-bounds write vulnerability (CVE-2024-7695, CWE-787) caused by insufficient input validation. Attackers can overwrite memory beyond the buffer's bounds, causing a denial-of-service condition that disrupts normal switch operations. The vulnerability is remotely exploitable without authentication or user interaction. Successful exploitation could shut down affected systems, disrupting network connectivity. No patch is currently available from Moxa.

What this means
What could happen
An attacker can crash Moxa EN 50155 switches by sending specially crafted data, halting network connectivity on your railway or transit control systems until the switch is manually rebooted.
Who's at risk
Railway and transit authorities, as well as any organization using Moxa EN 50155 switches for critical process control networks (particularly in safety-critical rail environments). This includes maintenance depots, signal systems, and rolling stock communication networks that depend on these switches for continuity of operations.
How it could be exploited
An attacker with network access to the switch can send a malformed input that writes data past the buffer's memory boundary, causing the switch firmware to crash. No credentials or authentication are required; the vulnerability is reachable from the network.
Prerequisites
  • Network access to affected EN 50155 switch
  • No authentication required
  • No special configuration needed
remotely exploitableno authentication requiredlow complexityno patch availabledenial-of-service impact
Exploitability
Low exploit probability (EPSS 0.2%)
Affected products (1)
ProductAffected VersionsFix Status
EN 50155 SwitchesAll versionsNo fix (EOL)
Remediation & Mitigation
0/4
Do now
0/1
WORKAROUNDRestrict network access to affected EN 50155 switches using firewall rules. Allow only trusted control systems and engineering workstations to reach the management ports.
Schedule — requires maintenance window
0/1

Patching may require device reboot — plan for process interruption

HOTFIXMonitor Moxa's security advisories and support site regularly for a firmware patch. Contact your Moxa distributor to determine if a fix version will be released.
Mitigations - no patch available
0/2
EN 50155 Switches has reached End of Life. The vendor will not release a patch. Apply the following compensating controls:
HARDENINGIsolate affected switches on a separate VLAN or air-gapped network segment to prevent unauthorized network access from less-controlled areas.
HARDENINGImplement network segmentation to ensure only necessary traffic reaches the switches, reducing the attack surface.
View full Moxa Security advisory
↑↓ Navigate · Esc Close
API: /api/v1/advisories/061d3c80-34e2-45bd-aa40-1cd57b370b08
Moxa CVE-2024-7695: Out-of-bounds Write Vulnerability Identified in EN 50155 Switches | CVSS 8.7 - OTPulse