As of June 15, 2022, this site no longer supports Internet Explorer. Please use another browser for the best experience on our site.

Product support

Security Advisories

SUMMARY

CVE-2024-7695: Out-of-bounds Write Vulnerability Identified in Multiple PT Switches

  • Security Advisory ID: MPSA-240162
  • Version: V1.1
  • Release Date: Jan 29, 2025
  • Reference:

    CVE-2024-7695 (Moxa) 

Multiple PT switches are affected by an out-of-bounds write vulnerability. This vulnerability is caused by insufficient input validation, which allows data to be written to memory outside the bounds of the buffer. Successful exploitation of this vulnerability could result in a denial-of-service attack. 

This vulnerability poses a significant remote threat if the affected products are exposed to publicly accessible networks. Attackers could potentially disrupt operations by shutting down the affected systems. Due to the critical nature of this security risk, we strongly recommend taking immediate action to prevent its potential exploitation. 

The Identified Vulnerability Type and Potential Impact 

Item Vulnerability Type Impact
1

Out-of-bounds Write (CWE-787) 

CVE-2024-7695 

An out-of-bounds write vulnerability caused by insufficient input validation allows attackers to overwrite memory beyond the buffer’s bounds. Successful exploitation of this vulnerability could lead to a denial-of-service (DoS) condition, disrupting normal operations. 

Vulnerability Scoring Details 

ID
Base Score
Vector 
Severity

Unauthenticated

Remote Exploits

CVE-2024-7695

CVSS 3.1: 7.5

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

High Yes
CVSS 4.0: 8.7
AV:N/AC:L/AT:N/PR:N/UI:N/
VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Note: This advisory uses CVSS 3.1 as the standard for determining severity levels. CVSS 4.0 is provided as a reference metric for comparison. 

AFFECTED PRODUCTS AND SOLUTIONS

Affected Products

Products Affected by CVE-2024-7695

Affected products and their firmware versions are listed in the following table: 

Product Series Affected Versions
PT-7728 Series Firmware version 3.9 and earlier 
PT-7828 Series  Firmware version 4.0 and earlier 
PT-G503 Series  Firmware version 5.3 and earlier 
PT-G510 Series  Firmware version 6.5 and earlier 
PT-G7728 Series  Firmware version 6.4 and earlier  
PT-G7828 Series  Firmware version 6.4 and earlier  

 

Solutions

Moxa has developed appropriate solutions to address this vulnerability. The solutions for affected products are listed in the following table: 

Product Series Solutions
PT-7728 Series 

Please contact Moxa Technical Support for the security patch.

Note: The security patch version 3.9.2 addresses the following vulnerabilities:

  1. CVE-2024-9137: Missing authentication, which could allow unauthorized configuration changes.
  2. CVE-2024-7695: Out-of-bounds write vulnerability, potentially leading to a denial-of-service (DoS) attack.
  3. CVE-2024-9404: Denial-of-service vulnerability, which could result in system crashes or reboots.
PT-7828 Series 

Please contact Moxa Technical Support for the security patch.

Note: The security patch version 4.0.4 addresses the following vulnerabilities:

  1. CVE-2024-9137: Missing authentication, which could allow unauthorized configuration changes.
  2. CVE-2024-7695: Out-of-bounds write vulnerability, potentially leading to a denial-of-service (DoS) attack.
  3. CVE-2024-9404: Denial-of-service vulnerability, which could result in system crashes or reboots.
PT-G503 Series 

Please contact Moxa Technical Support for the security patch.

Note: The security patch version 5.3.6 addresses the following vulnerabilities:

  1. CVE-2024-9137: Missing authentication, which could allow unauthorized configuration changes.
  2. CVE-2024-7695: Out-of-bounds write vulnerability, potentially leading to a denial-of-service (DoS) attack.
  3. CVE-2024-9404: Denial-of-service vulnerability, which could result in system crashes or reboots.
PT-G510 Series 

Please contact Moxa Technical Support for the security patch.

Note: The security patch version 6.5.8 addresses the following vulnerabilities:

  1. CVE-2024-9137: Missing authentication, which could allow unauthorized configuration changes.
  2. CVE-2024-7695: Out-of-bounds write vulnerability, potentially leading to a denial-of-service (DoS) attack.
  3. CVE-2024-9404: Denial-of-service vulnerability, which could result in system crashes or reboots.

 

Mitigations

To mitigate the risks associated with this vulnerability, we recommend the following actions: 

  • Disable Moxa Service and Moxa Service (Encrypted) temporarily if they are not required for operations. This will minimize potential attack vectors until a patch or updated firmware is applied. 

Refer to the General Security Recommendations section to further strengthen your security posture. 

 

General Security Recommendations

To safeguard devices and networks, we recommend implementing the following recommendations to mitigate potential risks:

  1. Restrict Network Access
    • Use firewalls or access control lists (ACLs) to limit communication to trusted IP addresses and networks.
    • Segregate operational networks from other networks (e.g., enterprise networks) using VLANs or physical separation.
  2. Minimize Exposure
    • Avoid exposing devices directly to the Internet.
    • Disable unused network services and ports to reduce the attack surface.
  3. Enhance Device Authentication and Access Control
    • Implement multi-factor authentication (MFA) for accessing critical systems.
    • Use role-based access control (RBAC) to enforce the principle of least privilege.
  4. Regularly Update Firmware and Software
    • Keep devices updated with the latest firmware versions and security patches.
    • Establish a regular patch management schedule to address newly identified vulnerabilities.
  5. Secure Remote Access
    • Use encrypted communication protocols (e.g., VPN, SSH) for remote access.
    • Restrict remote access to authorized personnel only and enforce strong authentication mechanisms.
  6. Implement Anomaly Detection Techniques
    • Monitor network traffic and device behavior for unusual or unauthorized activities.
    • Use tools or techniques that can identify anomalies and provide alerts for potential threats.
  7. Implement Logging and Monitoring
    • Enable event logging and maintain audit trails on devices.
    • Regularly review logs for anomalies and unauthorized access attempts.
  8. Conduct Regular Security Assessments
    • Perform vulnerability assessments to identify potential risks.
    • Regularly review device configurations to ensure compliance with security policies.

 

Revision History:

VERSION DESCRIPTION RELEASE DATE
1.0 First release January 29, 2025
1.1

Updated the version information of the security patch that fixes the vulnerabilities in the solution.

 

Februray 21, 2025

Relevant Products

PT-7728 Series · PT-7828 Series · PT-G503 Series · PT-G510 Series · PT-G7728 Series · PT-G7828 Series ·

  •   Print this page
  • You can manage and share your saved list in My Moxa
Let’s get that fixed

If you are concerned about a potential cybersecurity vulnerability, please contact us and one of technical support staff will get in touch with you.

Report a Vulnerability
Added To Bag
You have some items waiting in your bag; click here to finish your quote!
Feedback