Moxa CVE-2024-7695: Out-of-bounds Write Vulnerability Identified in EN 50155 Switches

Plan Patch | CVSS 8.7 | MPSA-240164 | Feb 22, 2025
Moxa
Summary

Moxa EN 50155 Switches contain an out-of-bounds write vulnerability (CVE-2024-7695) caused by insufficient input validation. The vulnerability allows attackers to write data beyond buffer boundaries, potentially triggering a denial-of-service condition that crashes the affected switch. EN 50155 is an ERTMS/ETCS standard for railway communication networks, making these switches critical for European train control and safety systems. Affected systems are exposed to unauthenticated remote exploitation if accessible from untrusted networks.

What this means
What could happen
An attacker could crash EN 50155 Switches remotely by exploiting a buffer overflow vulnerability, causing network availability loss and potential service interruption for railway/transport automation systems that depend on these switches.
Who's at risk
Railway and transport automation systems integrating Moxa EN 50155 Switches. These switches are critical for real-time signaling, train control, and transit infrastructure that requires high reliability. Loss of switch availability could impact train movement, signal integrity, and system safety.
How it could be exploited
An attacker on a network path to the switch sends a malformed packet or command with oversized input that triggers the out-of-bounds write. The insufficient input validation allows the attacker to overwrite critical memory regions, crashing the device and causing a denial-of-service.
Prerequisites
  • Network-accessible EN 50155 Switch
  • No authentication required to trigger vulnerability
  • Attacker must be able to send traffic to the affected switch on its management or data ports
  • Remotely exploitable
  • No authentication required
  • Low complexity attack
  • No patch available (end-of-life product)
  • Affects safety-critical transport infrastructure
Exploitability
Unlikely to be exploited — EPSS score 0.3%
Affected products (1)
Product | Affected Versions | Fix Status
EN 50155 Switches | All versions | No fix (EOL)
Remediation & Mitigation
Do now
HARDENING: Isolate EN 50155 Switches from untrusted networks using firewall rules to restrict inbound access to only authorized management and operational traffic
WORKAROUND: Disable remote management access on EN 50155 Switches unless operationally required; if required, restrict it to a secure jump host or VPN
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

HARDENING: Monitor EN 50155 Switch logs and network traffic for unexpected connection attempts or malformed packets targeting management interfaces
Mitigations - no patch available
EN 50155 Switches have reached End of Life. The vendor will not release a patch. Apply the following compensating controls:
HARDENING: Implement network segmentation to place EN 50155 Switches on a dedicated industrial control network isolated from corporate IT networks and the internet
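
One way to check the isolation and monitoring controls listed above, as an added example that is not part of the original advisory or of Moxa's guidance: it audits a flow-log export for traffic that reaches switch addresses from sources outside the authorized jump host or VPN range. The CSV layout, every IP address and every port below are constructed assumptions; the advisory does not name the affected service or port.

```python
import csv
import io
import ipaddress
from collections import Counter

# Assumed inventory and policy (constructed values, replace with your own).
SWITCH_MGMT = {ipaddress.ip_address(a) for a in ("10.50.1.10", "10.50.1.11")}
AUTHORIZED = [ipaddress.ip_network(n) for n in ("10.50.0.5/32", "10.99.0.0/24")]  # jump host, VPN pool

# Constructed sample flow export: timestamp,src_ip,dst_ip,dst_port,action
SAMPLE_FLOWS = """\
2025-02-22T08:00:01Z,10.50.0.5,10.50.1.10,443,allow
2025-02-22T08:00:07Z,10.99.0.23,10.50.1.11,22,allow
2025-02-22T08:01:12Z,192.0.2.44,10.50.1.10,443,allow
2025-02-22T08:01:13Z,192.0.2.44,10.50.1.10,80,deny
2025-02-22T08:02:30Z,10.20.7.9,10.50.1.11,161,allow
2025-02-22T08:03:00Z,10.20.7.9,10.60.3.3,443,allow
not-a-flow-record
"""

def audit_flows(text):
    """Return (findings, skipped): flows to switches from unauthorized sources."""
    findings, skipped = [], 0
    for row in csv.reader(io.StringIO(text)):
        try:
            ts, src, dst, port, action = row
            src_ip, dst_ip = ipaddress.ip_address(src), ipaddress.ip_address(dst)
            port = int(port)
        except ValueError:
            skipped += 1  # malformed record: count it, do not drop it silently
            continue
        if dst_ip not in SWITCH_MGMT:
            continue  # not one of the EOL switches
        if any(src_ip in net for net in AUTHORIZED):
            continue  # expected management path
        # "allow" means the segmentation rule is missing or too broad.
        severity = "policy-gap" if action == "allow" else "blocked-attempt"
        findings.append((ts, src, dst, port, severity))
    return findings, skipped

def summarize(findings):
    """Count findings per (source, severity) for triage."""
    return Counter((src, sev) for _, src, _, _, sev in findings)

if __name__ == "__main__":
    found, bad = audit_flows(SAMPLE_FLOWS)
    for f in found:
        print(*f)
    print("skipped malformed records:", bad)
```

A "policy-gap" finding is the one to act on first: the firewall passed traffic to an unpatched switch from a source that the allowlist does not cover.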