CVE-2024-7695

Vulnerability

CVE-2024-7695 is an out-of-bounds write vulnerability (CWE-787) affecting multiple Moxa switch series, including EDS, ICS, IKS, SDS, PT, and EN 50155 models [1][2][3]. The root cause is insufficient input validation, which permits writing data beyond the allocated buffer boundaries [1].

Exploitation

The vulnerability can be exploited remotely without authentication over the network [1][2]. The CVSS vector indicates low attack complexity and no user interaction required (AV:N/AC:L/PR:N/UI:N) [2][3]. An attacker can send specially crafted network packets to trigger the out-of-bounds write, leading to memory corruption.

Impact

Successful exploitation results in a denial-of-service (DoS) condition, potentially causing the affected switch to crash or become unresponsive [1][2]. There is no impact on confidentiality or integrity, but availability is compromised, which could disrupt industrial network operations.

Mitigation

Moxa has released security advisories (MPSA-240162, MPSA-240163, MPSA-240164) and recommends updating the firmware to the latest versions [1][2][3]. As a temporary workaround, restrict network access to the affected devices and monitor for malicious traffic.