All the vulnerabilites related to siemens - scalance_m876-4_\(eu\)
cve-2024-50559
Vulnerability from cvelistv5
Published
2024-11-12 12:50
Modified
2024-11-12 14:50
Severity ?
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
5.1 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
5.1 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
EPSS score ?
Summary
A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions < V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions < V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions < V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions < V8.2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V8.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V8.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V8.2), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions < V8.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V8.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V8.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V8.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V8.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V8.2), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions < V8.2), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions < V8.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V8.2), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions < V8.2), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions < V8.2), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions < V8.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V8.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V8.2), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V8.2), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V8.2). Affected devices do not properly validate the filenames of the certificate. This could allow an authenticated remote attacker to append arbitrary values which will lead to compromise of integrity of the system.
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-50559",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-12T14:50:16.703540Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-12T14:50:27.518Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "RUGGEDCOM RM1224 LTE(4G) EU",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "RUGGEDCOM RM1224 LTE(4G) NAM",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M804PB",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M812-1 ADSL-Router",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M812-1 ADSL-Router",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M816-1 ADSL-Router",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M816-1 ADSL-Router",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M826-2 SHDSL-Router",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M874-2",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M874-3",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M874-3 3G-Router (CN)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M876-3",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M876-3 (ROK)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M876-4",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M876-4 (EU)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M876-4 (NAM)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE MUM853-1 (A1)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE MUM853-1 (B1)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE MUM853-1 (EU)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE MUM856-1 (A1)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE MUM856-1 (B1)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE MUM856-1 (CN)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE MUM856-1 (EU)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE MUM856-1 (RoW)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE S615 EEC LAN-Router",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE S615 LAN-Router",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions \u003c V8.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions \u003c V8.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions \u003c V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions \u003c V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions \u003c V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions \u003c V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions \u003c V8.2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions \u003c V8.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions \u003c V8.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions \u003c V8.2), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions \u003c V8.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions \u003c V8.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions \u003c V8.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions \u003c V8.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions \u003c V8.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions \u003c V8.2), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions \u003c V8.2), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions \u003c V8.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions \u003c V8.2), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions \u003c V8.2), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions \u003c V8.2). Affected devices do not properly validate the filenames of the certificate. This could allow an authenticated remote attacker to append arbitrary values which will lead to compromise of integrity of the system."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
}
},
{
"cvssV4_0": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
"version": "4.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-12T12:50:01.376Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-354112.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2024-50559",
"datePublished": "2024-11-12T12:50:01.376Z",
"dateReserved": "2024-10-24T11:01:04.416Z",
"dateUpdated": "2024-11-12T14:50:27.518Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-50557
Vulnerability from cvelistv5
Published
2024-11-12 12:49
Modified
2024-11-20 16:47
Severity ?
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
8.6 (High) - CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
8.6 (High) - CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
EPSS score ?
Summary
A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions < V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions < V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions < V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions < V8.2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V8.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V8.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V8.2), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions < V8.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V8.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V8.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V8.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V8.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V8.2), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions < V8.2), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions < V8.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V8.2), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions < V8.2), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions < V8.2), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions < V8.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V8.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V8.2), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V8.2), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V8.2). Affected devices do not properly validate input in configuration fields of the iperf functionality. This could allow an unauthenticated remote attacker to execute arbitrary code on the device.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | RUGGEDCOM RM1224 LTE(4G) EU |
Version: 0 < V8.2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:siemens:scalance_m874-3_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "scalance_m874-3_firmware",
"vendor": "siemens",
"versions": [
{
"lessThan": "8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:siemens:scalance_m816-1_\\(annex_a\\)_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:siemens:scalance_m816-1_\\(annex_b\\)_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "scalance_m816-1_\\(annex_b\\)_firmware",
"vendor": "siemens",
"versions": [
{
"lessThan": "8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:siemens:scalance_s615_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "scalance_s615_firmware",
"vendor": "siemens",
"versions": [
{
"lessThan": "8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:siemens:scalance_s615_eec_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "scalance_s615_eec_firmware",
"vendor": "siemens",
"versions": [
{
"lessThan": "8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:siemens:scalance_mum856-1_\\(row\\)_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "scalance_mum856-1_\\(row\\)_firmware",
"vendor": "siemens",
"versions": [
{
"lessThan": "8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:siemens:scalance_mum856-1_\\(eu\\)_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "scalance_mum856-1_\\(eu\\)_firmware",
"vendor": "siemens",
"versions": [
{
"lessThan": "8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:siemens:scalance_mum856-1_\\(cn\\)_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "scalance_mum856-1_\\(cn\\)_firmware",
"vendor": "siemens",
"versions": [
{
"lessThan": "8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:siemens:scalance_mum856-1_\\(b1\\)_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "scalance_mum856-1_\\(b1\\)_firmware",
"vendor": "siemens",
"versions": [
{
"lessThan": "8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:siemens:scalance_mum856-1_\\(a1\\)_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "scalance_mum856-1_\\(a1\\)_firmware",
"vendor": "siemens",
"versions": [
{
"lessThan": "8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:siemens:scalance_mum853-1_\\(a1\\)_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "scalance_mum853-1_\\(a1\\)_firmware",
"vendor": "siemens",
"versions": [
{
"lessThan": "8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:siemens:scalance_mum853-1_\\(b1\\)_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "scalance_mum853-1_\\(b1\\)_firmware",
"vendor": "siemens",
"versions": [
{
"lessThan": "8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:siemens:scalance_mum853-1_\\(eu\\)_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "scalance_mum853-1_\\(eu\\)_firmware",
"vendor": "siemens",
"versions": [
{
"lessThan": "8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:siemens:scalance_m876-4_\\(eu\\)_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:siemens:scalance_m876-4_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "scalance_m876-4_firmware",
"vendor": "siemens",
"versions": [
{
"lessThan": "8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:siemens:scalance_m876-3_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "scalance_m876-3_firmware",
"vendor": "siemens",
"versions": [
{
"lessThan": "8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:siemens:scalance_m812-1_\\(annex_a\\)_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:siemens:scalance_m812-1_\\(annex_b\\)_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "scalance_m812-1_\\(annex_b\\)_firmware",
"vendor": "siemens",
"versions": [
{
"lessThan": "8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:siemens:scalance_m804pb_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "scalance_m804pb_firmware",
"vendor": "siemens",
"versions": [
{
"lessThan": "8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:siemens:ruggedcom_rm1224_lte\\(4g\\)_eu_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:siemens:ruggedcom_rm1224_lte\\(4g\\)_nam_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ruggedcom_rm1224_lte\\(4g\\)_nam_firmware",
"vendor": "siemens",
"versions": [
{
"lessThan": "8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-50557",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-20T16:25:19.026984Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-20T16:47:43.578Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "RUGGEDCOM RM1224 LTE(4G) EU",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "RUGGEDCOM RM1224 LTE(4G) NAM",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M804PB",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M812-1 ADSL-Router",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M812-1 ADSL-Router",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M816-1 ADSL-Router",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M816-1 ADSL-Router",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M826-2 SHDSL-Router",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M874-2",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M874-3",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M874-3 3G-Router (CN)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M876-3",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M876-3 (ROK)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M876-4",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M876-4 (EU)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M876-4 (NAM)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE MUM853-1 (A1)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE MUM853-1 (B1)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE MUM853-1 (EU)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE MUM856-1 (A1)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE MUM856-1 (B1)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE MUM856-1 (CN)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE MUM856-1 (EU)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE MUM856-1 (RoW)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE S615 EEC LAN-Router",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE S615 LAN-Router",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions \u003c V8.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions \u003c V8.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions \u003c V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions \u003c V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions \u003c V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions \u003c V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions \u003c V8.2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions \u003c V8.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions \u003c V8.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions \u003c V8.2), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions \u003c V8.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions \u003c V8.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions \u003c V8.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions \u003c V8.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions \u003c V8.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions \u003c V8.2), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions \u003c V8.2), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions \u003c V8.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions \u003c V8.2), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions \u003c V8.2), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions \u003c V8.2). Affected devices do not properly validate input in configuration fields of the iperf functionality. This could allow an unauthenticated remote attacker to execute arbitrary code on the device."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"cvssV4_0": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20: Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-12T12:49:56.426Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-354112.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2024-50557",
"datePublished": "2024-11-12T12:49:56.426Z",
"dateReserved": "2024-10-24T10:38:08.424Z",
"dateUpdated": "2024-11-20T16:47:43.578Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-41977
Vulnerability from cvelistv5
Published
2024-08-13 07:54
Modified
2024-08-13 16:01
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.1), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.1), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V8.1), SCALANCE M812-1 ADSL-Router family (All versions < V8.1), SCALANCE M816-1 ADSL-Router family (All versions < V8.1), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V8.1), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V8.1), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V8.1), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions < V8.1), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V8.1), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V8.1), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V8.1), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V8.1), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V8.1), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions < V8.1), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions < V8.1), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V8.1), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions < V8.1), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions < V8.1), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions < V8.1), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V8.1), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V8.1), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V8.1), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V8.1). Affected devices do not properly enforce isolation between user sessions in their web server component. This could allow an authenticated remote attacker to escalate their privileges on the devices.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | RUGGEDCOM RM1224 LTE(4G) EU |
Version: 0 < V8.1 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:siemens:ruggedcom_rcm1224_firmware:6.2:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ruggedcom_rcm1224_firmware",
"vendor": "siemens",
"versions": [
{
"lessThan": "v8.1",
"status": "affected",
"version": "6.2",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-41977",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-13T15:59:08.645171Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-13T16:01:41.802Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "RUGGEDCOM RM1224 LTE(4G) EU",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "RUGGEDCOM RM1224 LTE(4G) NAM",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M804PB",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M812-1 ADSL-Router family",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M816-1 ADSL-Router family",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M826-2 SHDSL-Router",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M874-2",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M874-3",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M874-3 3G-Router (CN)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M876-3",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M876-3 (ROK)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M876-4",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M876-4 (EU)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M876-4 (NAM)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE MUM853-1 (A1)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE MUM853-1 (B1)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE MUM853-1 (EU)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE MUM856-1 (A1)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE MUM856-1 (B1)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE MUM856-1 (CN)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE MUM856-1 (EU)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE MUM856-1 (RoW)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE S615 EEC LAN-Router",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE S615 LAN-Router",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions \u003c V8.1), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions \u003c V8.1), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions \u003c V8.1), SCALANCE M812-1 ADSL-Router family (All versions \u003c V8.1), SCALANCE M816-1 ADSL-Router family (All versions \u003c V8.1), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions \u003c V8.1), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions \u003c V8.1), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions \u003c V8.1), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions \u003c V8.1), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions \u003c V8.1), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions \u003c V8.1), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions \u003c V8.1), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions \u003c V8.1), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions \u003c V8.1), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions \u003c V8.1), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions \u003c V8.1), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions \u003c V8.1), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions \u003c V8.1), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions \u003c V8.1), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions \u003c V8.1), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions \u003c V8.1), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions \u003c V8.1), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions \u003c V8.1), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions \u003c V8.1). Affected devices do not properly enforce isolation between user sessions in their web server component. This could allow an authenticated remote attacker to escalate their privileges on the devices."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
}
},
{
"cvssV4_0": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-488",
"description": "CWE-488: Exposure of Data Element to Wrong Session",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-13T07:54:37.591Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-087301.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2024-41977",
"datePublished": "2024-08-13T07:54:37.591Z",
"dateReserved": "2024-07-25T11:00:11.939Z",
"dateUpdated": "2024-08-13T16:01:41.802Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-50560
Vulnerability from cvelistv5
Published
2024-11-12 12:50
Modified
2024-11-12 14:50
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions < V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions < V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions < V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions < V8.2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V8.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V8.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V8.2), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions < V8.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V8.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V8.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V8.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V8.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V8.2), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions < V8.2), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions < V8.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V8.2), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions < V8.2), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions < V8.2), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions < V8.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V8.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V8.2), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V8.2), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V8.2). Affected devices truncates usernames longer than 15 characters when accessed via SSH or Telnet. This could allow an attacker to compromise system integrity.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | RUGGEDCOM RM1224 LTE(4G) EU |
Version: 0 < V8.2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-50560",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-12T14:49:48.660026Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-12T14:50:02.465Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "RUGGEDCOM RM1224 LTE(4G) EU",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "RUGGEDCOM RM1224 LTE(4G) NAM",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M804PB",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M812-1 ADSL-Router",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M812-1 ADSL-Router",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M816-1 ADSL-Router",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M816-1 ADSL-Router",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M826-2 SHDSL-Router",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M874-2",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M874-3",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M874-3 3G-Router (CN)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M876-3",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M876-3 (ROK)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M876-4",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M876-4 (EU)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M876-4 (NAM)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE MUM853-1 (A1)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE MUM853-1 (B1)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE MUM853-1 (EU)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE MUM856-1 (A1)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE MUM856-1 (B1)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE MUM856-1 (CN)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE MUM856-1 (EU)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE MUM856-1 (RoW)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE S615 EEC LAN-Router",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE S615 LAN-Router",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions \u003c V8.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions \u003c V8.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions \u003c V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions \u003c V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions \u003c V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions \u003c V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions \u003c V8.2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions \u003c V8.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions \u003c V8.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions \u003c V8.2), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions \u003c V8.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions \u003c V8.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions \u003c V8.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions \u003c V8.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions \u003c V8.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions \u003c V8.2), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions \u003c V8.2), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions \u003c V8.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions \u003c V8.2), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions \u003c V8.2), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions \u003c V8.2). Affected devices truncates usernames longer than 15 characters when accessed via SSH or Telnet. This could allow an attacker to compromise system integrity."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 3.1,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
},
{
"cvssV4_0": {
"baseScore": 2.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
"version": "4.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20: Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-12T12:50:04.034Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-354112.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2024-50560",
"datePublished": "2024-11-12T12:50:04.034Z",
"dateReserved": "2024-10-24T11:37:28.687Z",
"dateUpdated": "2024-11-12T14:50:02.465Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-50561
Vulnerability from cvelistv5
Published
2024-11-12 12:50
Modified
2024-11-12 14:49
Severity ?
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
5.1 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
5.1 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
EPSS score ?
Summary
A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions < V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions < V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions < V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions < V8.2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V8.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V8.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V8.2), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions < V8.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V8.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V8.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V8.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V8.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V8.2), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions < V8.2), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions < V8.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V8.2), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions < V8.2), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions < V8.2), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions < V8.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V8.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V8.2), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V8.2), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V8.2). Affected devices do not properly sanitize the filenames before uploading. This could allow an authenticated remote attacker to compromise of integrity of the system.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | RUGGEDCOM RM1224 LTE(4G) EU |
Version: 0 < V8.2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-50561",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-12T14:49:22.927445Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-12T14:49:34.376Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "RUGGEDCOM RM1224 LTE(4G) EU",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "RUGGEDCOM RM1224 LTE(4G) NAM",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M804PB",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M812-1 ADSL-Router",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M812-1 ADSL-Router",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M816-1 ADSL-Router",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M816-1 ADSL-Router",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M826-2 SHDSL-Router",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M874-2",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M874-3",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M874-3 3G-Router (CN)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M876-3",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M876-3 (ROK)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M876-4",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M876-4 (EU)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M876-4 (NAM)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE MUM853-1 (A1)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE MUM853-1 (B1)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE MUM853-1 (EU)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE MUM856-1 (A1)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE MUM856-1 (B1)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE MUM856-1 (CN)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE MUM856-1 (EU)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE MUM856-1 (RoW)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE S615 EEC LAN-Router",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE S615 LAN-Router",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions \u003c V8.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions \u003c V8.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions \u003c V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions \u003c V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions \u003c V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions \u003c V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions \u003c V8.2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions \u003c V8.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions \u003c V8.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions \u003c V8.2), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions \u003c V8.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions \u003c V8.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions \u003c V8.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions \u003c V8.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions \u003c V8.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions \u003c V8.2), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions \u003c V8.2), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions \u003c V8.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions \u003c V8.2), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions \u003c V8.2), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions \u003c V8.2). Affected devices do not properly sanitize the filenames before uploading. This could allow an authenticated remote attacker to compromise of integrity of the system."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
}
},
{
"cvssV4_0": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
"version": "4.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-12T12:50:06.660Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-354112.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2024-50561",
"datePublished": "2024-11-12T12:50:06.660Z",
"dateReserved": "2024-10-24T11:37:28.688Z",
"dateUpdated": "2024-11-12T14:49:34.376Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-41978
Vulnerability from cvelistv5
Published
2024-08-13 07:54
Modified
2024-08-13 13:29
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.1), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.1), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V8.1), SCALANCE M812-1 ADSL-Router family (All versions < V8.1), SCALANCE M816-1 ADSL-Router family (All versions < V8.1), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V8.1), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V8.1), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V8.1), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions < V8.1), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V8.1), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V8.1), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V8.1), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V8.1), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V8.1), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions < V8.1), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions < V8.1), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V8.1), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions < V8.1), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions < V8.1), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions < V8.1), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V8.1), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V8.1), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V8.1), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V8.1). Affected devices insert sensitive information about the generation of 2FA tokens into log files. This could allow an authenticated remote attacker to forge 2FA tokens of other users.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | RUGGEDCOM RM1224 LTE(4G) EU |
Version: 0 < V8.1 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-41978",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-13T13:28:57.409070Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-13T13:29:07.876Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "RUGGEDCOM RM1224 LTE(4G) EU",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "RUGGEDCOM RM1224 LTE(4G) NAM",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M804PB",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M812-1 ADSL-Router family",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M816-1 ADSL-Router family",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M826-2 SHDSL-Router",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M874-2",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M874-3",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M874-3 3G-Router (CN)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M876-3",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M876-3 (ROK)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M876-4",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M876-4 (EU)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M876-4 (NAM)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE MUM853-1 (A1)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE MUM853-1 (B1)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE MUM853-1 (EU)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE MUM856-1 (A1)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE MUM856-1 (B1)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE MUM856-1 (CN)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE MUM856-1 (EU)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE MUM856-1 (RoW)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE S615 EEC LAN-Router",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE S615 LAN-Router",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions \u003c V8.1), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions \u003c V8.1), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions \u003c V8.1), SCALANCE M812-1 ADSL-Router family (All versions \u003c V8.1), SCALANCE M816-1 ADSL-Router family (All versions \u003c V8.1), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions \u003c V8.1), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions \u003c V8.1), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions \u003c V8.1), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions \u003c V8.1), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions \u003c V8.1), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions \u003c V8.1), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions \u003c V8.1), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions \u003c V8.1), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions \u003c V8.1), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions \u003c V8.1), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions \u003c V8.1), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions \u003c V8.1), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions \u003c V8.1), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions \u003c V8.1), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions \u003c V8.1), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions \u003c V8.1), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions \u003c V8.1), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions \u003c V8.1), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions \u003c V8.1). Affected devices insert sensitive information about the generation of 2FA tokens into log files. This could allow an authenticated remote attacker to forge 2FA tokens of other users."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
"version": "3.1"
}
},
{
"cvssV4_0": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-532",
"description": "CWE-532: Insertion of Sensitive Information into Log File",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-13T07:54:39.417Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-087301.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2024-41978",
"datePublished": "2024-08-13T07:54:39.417Z",
"dateReserved": "2024-07-25T11:00:11.939Z",
"dateUpdated": "2024-08-13T13:29:07.876Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-50572
Vulnerability from cvelistv5
Published
2024-11-12 12:50
Modified
2024-11-20 16:51
Severity ?
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
8.6 (High) - CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
8.6 (High) - CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
EPSS score ?
Summary
A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions < V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions < V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions < V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions < V8.2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V8.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V8.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V8.2), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions < V8.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V8.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V8.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V8.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V8.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V8.2), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions < V8.2), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions < V8.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V8.2), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions < V8.2), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions < V8.2), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions < V8.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V8.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V8.2), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V8.2), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V8.2). Affected devices do not properly sanitize an input field. This could allow an authenticated remote attacker with administrative privileges to inject code or spawn a system root shell.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | RUGGEDCOM RM1224 LTE(4G) EU |
Version: 0 < V8.2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:siemens:scalance_m874-3_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "scalance_m874-3_firmware",
"vendor": "siemens",
"versions": [
{
"lessThan": "8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:siemens:scalance_m816-1_\\(annex_a\\)_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:siemens:scalance_m816-1_\\(annex_b\\)_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "scalance_m816-1_\\(annex_b\\)_firmware",
"vendor": "siemens",
"versions": [
{
"lessThan": "8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:siemens:scalance_s615_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "scalance_s615_firmware",
"vendor": "siemens",
"versions": [
{
"lessThan": "8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:siemens:scalance_s615_eec_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "scalance_s615_eec_firmware",
"vendor": "siemens",
"versions": [
{
"lessThan": "8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:siemens:scalance_mum856-1_\\(row\\)_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "scalance_mum856-1_\\(row\\)_firmware",
"vendor": "siemens",
"versions": [
{
"lessThan": "8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:siemens:scalance_mum856-1_\\(eu\\)_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "scalance_mum856-1_\\(eu\\)_firmware",
"vendor": "siemens",
"versions": [
{
"lessThan": "8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:siemens:scalance_mum856-1_\\(cn\\)_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "scalance_mum856-1_\\(cn\\)_firmware",
"vendor": "siemens",
"versions": [
{
"lessThan": "8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:siemens:scalance_mum856-1_\\(b1\\)_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "scalance_mum856-1_\\(b1\\)_firmware",
"vendor": "siemens",
"versions": [
{
"lessThan": "8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:siemens:scalance_mum856-1_\\(a1\\)_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "scalance_mum856-1_\\(a1\\)_firmware",
"vendor": "siemens",
"versions": [
{
"lessThan": "8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:siemens:scalance_mum853-1_\\(a1\\)_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "scalance_mum853-1_\\(a1\\)_firmware",
"vendor": "siemens",
"versions": [
{
"lessThan": "8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:siemens:scalance_mum853-1_\\(b1\\)_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "scalance_mum853-1_\\(b1\\)_firmware",
"vendor": "siemens",
"versions": [
{
"lessThan": "8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:siemens:scalance_mum853-1_\\(eu\\)_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "scalance_mum853-1_\\(eu\\)_firmware",
"vendor": "siemens",
"versions": [
{
"lessThan": "8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:siemens:scalance_m876-4_\\(eu\\)_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:siemens:scalance_m876-4_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "scalance_m876-4_firmware",
"vendor": "siemens",
"versions": [
{
"lessThan": "8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:siemens:scalance_m876-3_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "scalance_m876-3_firmware",
"vendor": "siemens",
"versions": [
{
"lessThan": "8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:siemens:scalance_m812-1_\\(annex_a\\)_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:siemens:scalance_m812-1_\\(annex_b\\)_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "scalance_m812-1_\\(annex_b\\)_firmware",
"vendor": "siemens",
"versions": [
{
"lessThan": "8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:siemens:scalance_m804pb_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "scalance_m804pb_firmware",
"vendor": "siemens",
"versions": [
{
"lessThan": "8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:siemens:ruggedcom_rm1224_lte\\(4g\\)_eu_firmware:-:*:*:*:*:*:*:*",
"cpe:2.3:o:siemens:ruggedcom_rm1224_lte\\(4g\\)_nam_firmware:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ruggedcom_rm1224_lte\\(4g\\)_nam_firmware",
"vendor": "siemens",
"versions": [
{
"lessThan": "8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-50572",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-20T16:51:10.879106Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-20T16:51:19.040Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "RUGGEDCOM RM1224 LTE(4G) EU",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "RUGGEDCOM RM1224 LTE(4G) NAM",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M804PB",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M812-1 ADSL-Router",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M812-1 ADSL-Router",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M816-1 ADSL-Router",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M816-1 ADSL-Router",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M826-2 SHDSL-Router",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M874-2",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M874-3",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M874-3 3G-Router (CN)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M876-3",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M876-3 (ROK)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M876-4",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M876-4 (EU)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M876-4 (NAM)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE MUM853-1 (A1)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE MUM853-1 (B1)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE MUM853-1 (EU)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE MUM856-1 (A1)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE MUM856-1 (B1)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE MUM856-1 (CN)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE MUM856-1 (EU)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE MUM856-1 (RoW)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE S615 EEC LAN-Router",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE S615 LAN-Router",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions \u003c V8.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions \u003c V8.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions \u003c V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions \u003c V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions \u003c V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions \u003c V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions \u003c V8.2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions \u003c V8.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions \u003c V8.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions \u003c V8.2), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions \u003c V8.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions \u003c V8.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions \u003c V8.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions \u003c V8.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions \u003c V8.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions \u003c V8.2), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions \u003c V8.2), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions \u003c V8.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions \u003c V8.2), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions \u003c V8.2), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions \u003c V8.2). Affected devices do not properly sanitize an input field. This could allow an authenticated remote attacker with administrative privileges to inject code or spawn a system root shell."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"cvssV4_0": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-74",
"description": "CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-12T12:50:08.911Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-354112.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2024-50572",
"datePublished": "2024-11-12T12:50:08.911Z",
"dateReserved": "2024-10-24T13:47:50.881Z",
"dateUpdated": "2024-11-20T16:51:19.040Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-41976
Vulnerability from cvelistv5
Published
2024-08-13 07:54
Modified
2024-08-14 18:17
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.1), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.1), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V8.1), SCALANCE M812-1 ADSL-Router family (All versions < V8.1), SCALANCE M816-1 ADSL-Router family (All versions < V8.1), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V8.1), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V8.1), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V8.1), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions < V8.1), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V8.1), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V8.1), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V8.1), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V8.1), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V8.1), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions < V8.1), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions < V8.1), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V8.1), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions < V8.1), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions < V8.1), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions < V8.1), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V8.1), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V8.1), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V8.1), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V8.1). Affected devices do not properly validate input in specific VPN configuration fields. This could allow an authenticated remote attacker to execute arbitrary code on the device.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | RUGGEDCOM RM1224 LTE(4G) EU |
Version: 0 < V8.1 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:h:siemens:ruggedcom_rm1224_lte\\(4g\\)_eu:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ruggedcom_rm1224_lte\\(4g\\)_eu",
"vendor": "siemens",
"versions": [
{
"lessThan": "v8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:ruggedcom_rm1224_lte\\(4g\\)_nam:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ruggedcom_rm1224_lte\\(4g\\)_nam",
"vendor": "siemens",
"versions": [
{
"lessThan": "v8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:scalance_m804pb:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "scalance_m804pb",
"vendor": "siemens",
"versions": [
{
"lessThan": "v8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:scalance_m812-1_adsl-router:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "scalance_m812-1_adsl-router",
"vendor": "siemens",
"versions": [
{
"lessThan": "v8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:scalance_m816-1_adsl-router:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "scalance_m816-1_adsl-router",
"vendor": "siemens",
"versions": [
{
"lessThan": "v8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:scalance_m826-2_shdsl-router:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "scalance_m826-2_shdsl-router",
"vendor": "siemens",
"versions": [
{
"lessThan": "v8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:scalance_m874-2:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "scalance_m874-2",
"vendor": "siemens",
"versions": [
{
"lessThan": "v8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:scalance_m874-3:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "scalance_m874-3",
"vendor": "siemens",
"versions": [
{
"lessThan": "v8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:scalance_m874-3_3g-router_\\(cn\\):*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "scalance_m874-3_3g-router_\\(cn\\)",
"vendor": "siemens",
"versions": [
{
"lessThan": "v8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:scalance_m876-3:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "scalance_m876-3",
"vendor": "siemens",
"versions": [
{
"lessThan": "v8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:scalance_m876-3_\\(rok\\):*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "scalance_m876-3_\\(rok\\)",
"vendor": "siemens",
"versions": [
{
"lessThan": "v8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:scalance_m876-4:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "scalance_m876-4",
"vendor": "siemens",
"versions": [
{
"lessThan": "v8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:scalance_m876-4_\\(eu\\):*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "scalance_m876-4_\\(eu\\)",
"vendor": "siemens",
"versions": [
{
"lessThan": "v8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:scalance_m876-4_\\(nam\\):*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "scalance_m876-4_\\(nam\\)",
"vendor": "siemens",
"versions": [
{
"lessThan": "v8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:scalance_mum853-1_\\(a1\\):*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "scalance_mum853-1_\\(a1\\)",
"vendor": "siemens",
"versions": [
{
"lessThan": "v8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:scalance_mum853-1_\\(b1\\):*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "scalance_mum853-1_\\(b1\\)",
"vendor": "siemens",
"versions": [
{
"lessThan": "v8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:scalance_mum853-1_\\(eu\\):*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "scalance_mum853-1_\\(eu\\)",
"vendor": "siemens",
"versions": [
{
"lessThan": "v8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:scalance_mum856-1_\\(a1\\):*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "scalance_mum856-1_\\(a1\\)",
"vendor": "siemens",
"versions": [
{
"lessThan": "v8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:scalance_mum856-1_\\(b1\\):*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "scalance_mum856-1_\\(b1\\)",
"vendor": "siemens",
"versions": [
{
"lessThan": "v8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:scalance_mum856-1_\\(cn\\):*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "scalance_mum856-1_\\(cn\\)",
"vendor": "siemens",
"versions": [
{
"lessThan": "v8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:scalance_mum856-1_\\(eu\\):*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "scalance_mum856-1_\\(eu\\)",
"vendor": "siemens",
"versions": [
{
"lessThan": "v8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:scalance_mum856-1_\\(row\\):*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "scalance_mum856-1_\\(row\\)",
"vendor": "siemens",
"versions": [
{
"lessThan": "v8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:scalance_s615_eec_lan-router:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "scalance_s615_eec_lan-router",
"vendor": "siemens",
"versions": [
{
"lessThan": "v8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:h:siemens:scalance_s615_lan-router:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "scalance_s615_lan-router",
"vendor": "siemens",
"versions": [
{
"lessThan": "v8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-41976",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-14T17:50:04.994530Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-14T18:17:16.011Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "RUGGEDCOM RM1224 LTE(4G) EU",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "RUGGEDCOM RM1224 LTE(4G) NAM",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M804PB",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M812-1 ADSL-Router family",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M816-1 ADSL-Router family",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M826-2 SHDSL-Router",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M874-2",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M874-3",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M874-3 3G-Router (CN)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M876-3",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M876-3 (ROK)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M876-4",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M876-4 (EU)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M876-4 (NAM)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE MUM853-1 (A1)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE MUM853-1 (B1)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE MUM853-1 (EU)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE MUM856-1 (A1)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE MUM856-1 (B1)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE MUM856-1 (CN)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE MUM856-1 (EU)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE MUM856-1 (RoW)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE S615 EEC LAN-Router",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE S615 LAN-Router",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions \u003c V8.1), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions \u003c V8.1), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions \u003c V8.1), SCALANCE M812-1 ADSL-Router family (All versions \u003c V8.1), SCALANCE M816-1 ADSL-Router family (All versions \u003c V8.1), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions \u003c V8.1), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions \u003c V8.1), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions \u003c V8.1), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions \u003c V8.1), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions \u003c V8.1), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions \u003c V8.1), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions \u003c V8.1), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions \u003c V8.1), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions \u003c V8.1), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions \u003c V8.1), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions \u003c V8.1), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions \u003c V8.1), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions \u003c V8.1), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions \u003c V8.1), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions \u003c V8.1), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions \u003c V8.1), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions \u003c V8.1), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions \u003c V8.1), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions \u003c V8.1). Affected devices do not properly validate input in specific VPN configuration fields. This could allow an authenticated remote attacker to execute arbitrary code on the device."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:T/RC:C",
"version": "3.1"
}
},
{
"cvssV4_0": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20: Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-13T07:54:35.837Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-087301.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2024-41976",
"datePublished": "2024-08-13T07:54:35.837Z",
"dateReserved": "2024-07-25T11:00:11.939Z",
"dateUpdated": "2024-08-14T18:17:16.011Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-50558
Vulnerability from cvelistv5
Published
2024-11-12 12:49
Modified
2024-11-12 14:50
Severity ?
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
5.3 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
5.3 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
EPSS score ?
Summary
A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions < V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions < V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions < V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions < V8.2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V8.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V8.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V8.2), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions < V8.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V8.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V8.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V8.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V8.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V8.2), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions < V8.2), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions < V8.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V8.2), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions < V8.2), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions < V8.2), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions < V8.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V8.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V8.2), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V8.2), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V8.2). Affected devices improperly manage access control for read-only users. This could allow an attacker to cause a temporary denial of service condition.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Siemens | RUGGEDCOM RM1224 LTE(4G) EU |
Version: 0 < V8.2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-50558",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-12T14:50:50.605395Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-12T14:50:58.351Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "RUGGEDCOM RM1224 LTE(4G) EU",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "RUGGEDCOM RM1224 LTE(4G) NAM",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M804PB",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M812-1 ADSL-Router",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M812-1 ADSL-Router",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M816-1 ADSL-Router",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M816-1 ADSL-Router",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M826-2 SHDSL-Router",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M874-2",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M874-3",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M874-3 3G-Router (CN)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M876-3",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M876-3 (ROK)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M876-4",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M876-4 (EU)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE M876-4 (NAM)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE MUM853-1 (A1)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE MUM853-1 (B1)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE MUM853-1 (EU)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE MUM856-1 (A1)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE MUM856-1 (B1)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE MUM856-1 (CN)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE MUM856-1 (EU)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE MUM856-1 (RoW)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE S615 EEC LAN-Router",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "SCALANCE S615 LAN-Router",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V8.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions \u003c V8.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions \u003c V8.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions \u003c V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions \u003c V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions \u003c V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions \u003c V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions \u003c V8.2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions \u003c V8.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions \u003c V8.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions \u003c V8.2), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions \u003c V8.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions \u003c V8.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions \u003c V8.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions \u003c V8.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions \u003c V8.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions \u003c V8.2), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions \u003c V8.2), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions \u003c V8.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions \u003c V8.2), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions \u003c V8.2), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions \u003c V8.2). Affected devices improperly manage access control for read-only users. This could allow an attacker to cause a temporary denial of service condition."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
},
{
"cvssV4_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"version": "4.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284: Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-12T12:49:58.734Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-354112.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2024-50558",
"datePublished": "2024-11-12T12:49:58.734Z",
"dateReserved": "2024-10-24T11:01:04.416Z",
"dateUpdated": "2024-11-12T14:50:58.351Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2024-08-13 08:15
Modified
2024-08-23 18:40
Severity ?
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.1), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.1), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V8.1), SCALANCE M812-1 ADSL-Router family (All versions < V8.1), SCALANCE M816-1 ADSL-Router family (All versions < V8.1), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V8.1), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V8.1), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V8.1), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions < V8.1), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V8.1), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V8.1), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V8.1), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V8.1), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V8.1), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions < V8.1), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions < V8.1), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V8.1), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions < V8.1), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions < V8.1), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions < V8.1), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V8.1), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V8.1), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V8.1), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V8.1). Affected devices do not properly validate input in specific VPN configuration fields. This could allow an authenticated remote attacker to execute arbitrary code on the device.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/html/ssa-087301.html | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | ruggedcom_rm1224_lte\(4g\)_eu_firmware | * | |
| siemens | ruggedcom_rm1224_lte\(4g\)_eu | - | |
| siemens | ruggedcom_rm1224_lte\(4g\)_nam_firmware | * | |
| siemens | ruggedcom_rm1224_lte\(4g\)_nam | - | |
| siemens | scalance_m804pb_firmware | * | |
| siemens | scalance_m804pb | - | |
| siemens | scalance_m826-2_shdsl-router_firmware | * | |
| siemens | scalance_m826-2_shdsl-router | - | |
| siemens | scalance_m874-2_firmware | * | |
| siemens | scalance_m874-2 | - | |
| siemens | scalance_m874-3_firmware | * | |
| siemens | scalance_m874-3 | - | |
| siemens | scalance_m876-3_firmware | * | |
| siemens | scalance_m876-3 | - | |
| siemens | scalance_m876-4_firmware | * | |
| siemens | scalance_m876-4 | - | |
| siemens | scalance_m874-3_3g-router_\(cn\)_firmware | * | |
| siemens | scalance_m874-3_3g-router_\(cn\) | - | |
| siemens | scalance_m876-3_\(rok\)_firmware | * | |
| siemens | scalance_m876-3_\(rok\) | - | |
| siemens | scalance_m876-4_\(eu\)_firmware | * | |
| siemens | scalance_m876-4_\(eu\) | - | |
| siemens | scalance_m876-4_\(nam\)_firmware | * | |
| siemens | scalance_m876-4_\(nam\) | - | |
| siemens | scalance_mum853-1_\(a1\)_firmware | * | |
| siemens | scalance_mum853-1_\(a1\) | - | |
| siemens | scalance_mum853-1_\(b1\)_firmware | * | |
| siemens | scalance_mum853-1_\(b1\) | - | |
| siemens | scalance_mum853-1_\(eu\)_firmware | * | |
| siemens | scalance_mum853-1_\(eu\) | - | |
| siemens | scalance_mum856-1_\(a1\)_firmware | * | |
| siemens | scalance_mum856-1_\(a1\) | - | |
| siemens | scalance_mum856-1_\(b1\)_firmware | * | |
| siemens | scalance_mum856-1_\(b1\) | - | |
| siemens | scalance_mum856-1_\(cn\)_firmware | * | |
| siemens | scalance_mum856-1_\(cn\) | - | |
| siemens | scalance_mum856-1_\(eu\)_firmware | * | |
| siemens | scalance_mum856-1_\(eu\) | - | |
| siemens | scalance_mum856-1_\(row\)_firmware | * | |
| siemens | scalance_mum856-1_\(row\) | - | |
| siemens | scalance_s615_eec_lan-router_firmware | * | |
| siemens | scalance_s615_eec_lan-router | - | |
| siemens | scalance_s615_lan-router_firmware | * | |
| siemens | scalance_s615_lan-router | - | |
| siemens | scalance_m812-1_\(annex_a\)_firmware | * | |
| siemens | scalance_m812-1_\(annex_a\) | - | |
| siemens | scalance_m812-1_\(annex_b\)_firmware | * | |
| siemens | scalance_m812-1_\(annex_b\) | - | |
| siemens | scalance_m816-1_\(annex_a\)_firmware | * | |
| siemens | scalance_m816-1_\(annex_a\) | - | |
| siemens | scalance_m816-1_\(annex_b\)_firmware | * | |
| siemens | scalance_m816-1_\(annex_b\) | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:ruggedcom_rm1224_lte\\(4g\\)_eu_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "328FA23D-AEEF-473A-997A-FBBE18246CB5",
"versionEndExcluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:ruggedcom_rm1224_lte\\(4g\\)_eu:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03D8CF59-D9D4-4C50-A6E6-D6B5BDB31AEC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:ruggedcom_rm1224_lte\\(4g\\)_nam_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "25FB249D-A143-457F-93C7-653DD76DEDF0",
"versionEndExcluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:ruggedcom_rm1224_lte\\(4g\\)_nam:-:*:*:*:*:*:*:*",
"matchCriteriaId": "400ACE99-AF15-4C20-9A6D-F8584DA5C7CE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m804pb_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "99CB7E58-2C7C-4569-9A5D-5BED18BF48D0",
"versionEndExcluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m804pb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6EBA42A-93FF-4883-8626-EF78D38374D3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m826-2_shdsl-router_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5BB2FE5E-C43B-4F13-A8A6-908E8AFC76B0",
"versionEndExcluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m826-2_shdsl-router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39951670-CF88-460C-B1D5-6DCFBC7F573D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m874-2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "29588219-DB22-4FFB-B069-DB8DF242052F",
"versionEndExcluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m874-2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C933ED27-2206-4734-8EB8-6A6431D1FBF1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m874-3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "71A50E33-00A9-40E2-93E1-359FDD3CF077",
"versionEndExcluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m874-3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3258DC7-0461-4C65-8292-85C9965EA83D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m876-3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5922A34F-A6A8-4215-83C5-9F7F279AC2CC",
"versionEndExcluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m876-3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BD221BA9-3448-49E4-B3A3-D88B939785AC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m876-4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CD7ABD5D-1250-441E-A768-5012DD3636CF",
"versionEndExcluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m876-4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "94E4CCE9-71F7-4960-B7DE-5298EFB7C619",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m874-3_3g-router_\\(cn\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3698100C-C634-48D2-B6EB-210C6784FF5D",
"versionEndExcluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m874-3_3g-router_\\(cn\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "FEA94E3C-6B00-407F-81BF-964D156E061F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m876-3_\\(rok\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "112CA300-C5BF-49D4-88C9-BFE9ADF49FAB",
"versionEndExcluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m876-3_\\(rok\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "A3FA80AA-4869-46BF-8A1B-17C54219338C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m876-4_\\(eu\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C96A6B66-687B-4B36-AA1D-14232BA034C0",
"versionEndExcluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m876-4_\\(eu\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "3886E130-C39C-43D2-8B1F-F773874F8002",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m876-4_\\(nam\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9F0F630F-540D-4BBC-BFEA-43642783B41A",
"versionEndExcluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m876-4_\\(nam\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "CDBED616-1074-44CE-98C8-48A5387A5DAF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_mum853-1_\\(a1\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2113F152-E2F7-4F38-9D41-2BBB4A9FE02B",
"versionEndExcluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_mum853-1_\\(a1\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC884995-EA34-4EFA-8B3A-5C7B9BC71C32",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_mum853-1_\\(b1\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C25F8111-2124-4610-A184-FF75022341E3",
"versionEndExcluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_mum853-1_\\(b1\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "A94E232B-12ED-4E9D-A6D7-C66391C48F06",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_mum853-1_\\(eu\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DA690767-51B8-4202-BF9E-96DE81DF3326",
"versionEndExcluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_mum853-1_\\(eu\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "94AF78F7-3DF5-40FA-A496-4523183DB792",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_mum856-1_\\(a1\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B63374D9-358B-4CF0-9E5D-432330612413",
"versionEndExcluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_mum856-1_\\(a1\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "FF849848-87EA-41D5-8E19-871A306D332A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_mum856-1_\\(b1\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "49B17408-D934-46B1-A879-42B310127632",
"versionEndExcluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_mum856-1_\\(b1\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "77E5245F-8AA7-4132-AA7F-1FE4F86B703E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_mum856-1_\\(cn\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8903A0DF-510A-4BDE-96B2-A3C38CB5A07C",
"versionEndExcluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_mum856-1_\\(cn\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B05B62B-1B41-4A3D-8591-57B4D0EF476F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_mum856-1_\\(eu\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A2F56C36-BCFA-4EBB-AF0D-7B90B5180759",
"versionEndExcluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_mum856-1_\\(eu\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "A219D2B9-1D71-4831-BD0B-790B7057344C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_mum856-1_\\(row\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3E8A926E-05D5-4B85-8B54-6B13C815CFCD",
"versionEndExcluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_mum856-1_\\(row\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D6FED00-E40C-458A-8D5C-9B1826DBAE24",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_s615_eec_lan-router_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7A9F5011-6FB8-476B-95C9-B42ECDF9ACF3",
"versionEndExcluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_s615_eec_lan-router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2E8F4C94-781F-4796-83DD-A28E6D347AD8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_s615_lan-router_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AA816C2D-54F1-44A2-B811-151155CD1387",
"versionEndExcluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_s615_lan-router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B98A1E7F-5A9A-4620-8137-7C1D84815917",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m812-1_\\(annex_a\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "40E4DE88-0B4E-40FD-A7BD-FD197A67AFEF",
"versionEndExcluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m812-1_\\(annex_a\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "B680E815-D9EF-41BC-A198-85332738B1B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m812-1_\\(annex_b\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AE90A25C-D574-4CAF-A2AF-61B27B3B699F",
"versionEndExcluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m812-1_\\(annex_b\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "0895418F-A4C6-40D3-8544-5AF3F5B54709",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m816-1_\\(annex_a\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "62F46C61-BFC9-4A81-8F15-F7878FC6E657",
"versionEndExcluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m816-1_\\(annex_a\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A1636E7-BF41-4BF6-8609-9675956FB947",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m816-1_\\(annex_b\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "661F446C-7A54-41F9-8F3C-75DAC5840B9C",
"versionEndExcluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m816-1_\\(annex_b\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "06E70F60-33E2-472F-9B25-FE19B964220B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions \u003c V8.1), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions \u003c V8.1), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions \u003c V8.1), SCALANCE M812-1 ADSL-Router family (All versions \u003c V8.1), SCALANCE M816-1 ADSL-Router family (All versions \u003c V8.1), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions \u003c V8.1), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions \u003c V8.1), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions \u003c V8.1), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions \u003c V8.1), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions \u003c V8.1), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions \u003c V8.1), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions \u003c V8.1), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions \u003c V8.1), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions \u003c V8.1), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions \u003c V8.1), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions \u003c V8.1), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions \u003c V8.1), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions \u003c V8.1), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions \u003c V8.1), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions \u003c V8.1), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions \u003c V8.1), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions \u003c V8.1), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions \u003c V8.1), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions \u003c V8.1). Affected devices do not properly validate input in specific VPN configuration fields. This could allow an authenticated remote attacker to execute arbitrary code on the device."
},
{
"lang": "es",
"value": "Se ha identificado una vulnerabilidad en RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (Todas las versiones \u0026lt; V8.1), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (Todas las versiones \u0026lt; V8.1 ), SCALANCE M804PB (6GK5804-0AP00-2AA2) (Todas las versiones \u0026lt; V8.1), Familia de enrutadores ADSL SCALANCE M812-1 (Todas las versiones \u0026lt; V8.1), Familia de enrutadores ADSL SCALANCE M816-1 (Todas las versiones \u0026lt; V8 .1), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (todas las versiones \u0026lt; V8.1), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (todas las versiones \u0026lt; V8.1), SCALANCE M874- 3 (6GK5874-3AA00-2AA2) (Todas las versiones \u0026lt; V8.1), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (Todas las versiones \u0026lt; V8.1), SCALANCE M876-3 (6GK5876- 3AA02-2BA2) (Todas las versiones \u0026lt; V8.1), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (Todas las versiones \u0026lt; V8.1), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (Todas las versiones \u0026lt; V8.1), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (Todas las versiones \u0026lt; V8.1), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (Todas las versiones \u0026lt; V8.1 ), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (Todas las versiones \u0026lt; V8.1), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (Todas las versiones \u0026lt; V8.1), SCALANCE MUM853 -1 (UE) (6GK5853-2EA00-2DA1) (Todas las versiones \u0026lt; V8.1), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (Todas las versiones \u0026lt; V8.1), SCALANCE MUM856-1 (B1 ) (6GK5856-2EA10-3BA1) (Todas las versiones \u0026lt; V8.1), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (Todas las versiones \u0026lt; V8.1), SCALANCE MUM856-1 (EU) (6GK5856- 2EA00-3DA1) (Todas las versiones \u0026lt; V8.1), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (Todas las versiones \u0026lt; V8.1), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) ( Todas las versiones \u0026lt; V8.1), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (Todas las versiones \u0026lt; V8.1). Los dispositivos afectados no validan correctamente la entrada en campos de configuraci\u00f3n de VPN espec\u00edficos. Esto podr\u00eda permitir que un atacante remoto autenticado ejecute c\u00f3digo arbitrario en el dispositivo."
}
],
"id": "CVE-2024-41976",
"lastModified": "2024-08-23T18:40:16.173",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "productcert@siemens.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"automatable": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityRequirements": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"subsequentSystemAvailability": "NONE",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"vulnerableSystemAvailability": "HIGH",
"vulnerableSystemConfidentiality": "HIGH",
"vulnerableSystemIntegrity": "HIGH"
},
"source": "productcert@siemens.com",
"type": "Secondary"
}
]
},
"published": "2024-08-13T08:15:15.403",
"references": [
{
"source": "productcert@siemens.com",
"tags": [
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-087301.html"
}
],
"sourceIdentifier": "productcert@siemens.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "productcert@siemens.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-08-13 08:15
Modified
2024-08-23 18:39
Severity ?
7.1 (High) - CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
8.0 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
8.0 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Summary
A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.1), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.1), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V8.1), SCALANCE M812-1 ADSL-Router family (All versions < V8.1), SCALANCE M816-1 ADSL-Router family (All versions < V8.1), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V8.1), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V8.1), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V8.1), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions < V8.1), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V8.1), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V8.1), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V8.1), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V8.1), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V8.1), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions < V8.1), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions < V8.1), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V8.1), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions < V8.1), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions < V8.1), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions < V8.1), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V8.1), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V8.1), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V8.1), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V8.1). Affected devices do not properly enforce isolation between user sessions in their web server component. This could allow an authenticated remote attacker to escalate their privileges on the devices.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/html/ssa-087301.html | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | ruggedcom_rm1224_lte\(4g\)_eu_firmware | * | |
| siemens | ruggedcom_rm1224_lte\(4g\)_eu | - | |
| siemens | ruggedcom_rm1224_lte\(4g\)_nam_firmware | * | |
| siemens | ruggedcom_rm1224_lte\(4g\)_nam | - | |
| siemens | scalance_m804pb_firmware | * | |
| siemens | scalance_m804pb | - | |
| siemens | scalance_m826-2_shdsl-router_firmware | * | |
| siemens | scalance_m826-2_shdsl-router | - | |
| siemens | scalance_m874-2_firmware | * | |
| siemens | scalance_m874-2 | - | |
| siemens | scalance_m874-3_firmware | * | |
| siemens | scalance_m874-3 | - | |
| siemens | scalance_m876-3_firmware | * | |
| siemens | scalance_m876-3 | - | |
| siemens | scalance_m876-4_firmware | * | |
| siemens | scalance_m876-4 | - | |
| siemens | scalance_m874-3_3g-router_\(cn\)_firmware | * | |
| siemens | scalance_m874-3_3g-router_\(cn\) | - | |
| siemens | scalance_m876-3_\(rok\)_firmware | * | |
| siemens | scalance_m876-3_\(rok\) | - | |
| siemens | scalance_m876-4_\(eu\)_firmware | * | |
| siemens | scalance_m876-4_\(eu\) | - | |
| siemens | scalance_m876-4_\(nam\)_firmware | * | |
| siemens | scalance_m876-4_\(nam\) | - | |
| siemens | scalance_mum853-1_\(a1\)_firmware | * | |
| siemens | scalance_mum853-1_\(a1\) | - | |
| siemens | scalance_mum853-1_\(b1\)_firmware | * | |
| siemens | scalance_mum853-1_\(b1\) | - | |
| siemens | scalance_mum853-1_\(eu\)_firmware | * | |
| siemens | scalance_mum853-1_\(eu\) | - | |
| siemens | scalance_mum856-1_\(a1\)_firmware | * | |
| siemens | scalance_mum856-1_\(a1\) | - | |
| siemens | scalance_mum856-1_\(b1\)_firmware | * | |
| siemens | scalance_mum856-1_\(b1\) | - | |
| siemens | scalance_mum856-1_\(cn\)_firmware | * | |
| siemens | scalance_mum856-1_\(cn\) | - | |
| siemens | scalance_mum856-1_\(eu\)_firmware | * | |
| siemens | scalance_mum856-1_\(eu\) | - | |
| siemens | scalance_mum856-1_\(row\)_firmware | * | |
| siemens | scalance_mum856-1_\(row\) | - | |
| siemens | scalance_s615_eec_lan-router_firmware | * | |
| siemens | scalance_s615_eec_lan-router | - | |
| siemens | scalance_s615_lan-router_firmware | * | |
| siemens | scalance_s615_lan-router | - | |
| siemens | scalance_m812-1_\(annex_a\)_firmware | * | |
| siemens | scalance_m812-1_\(annex_a\) | - | |
| siemens | scalance_m812-1_\(annex_b\)_firmware | * | |
| siemens | scalance_m812-1_\(annex_b\) | - | |
| siemens | scalance_m816-1_\(annex_a\)_firmware | * | |
| siemens | scalance_m816-1_\(annex_a\) | - | |
| siemens | scalance_m816-1_\(annex_b\)_firmware | * | |
| siemens | scalance_m816-1_\(annex_b\) | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:ruggedcom_rm1224_lte\\(4g\\)_eu_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "328FA23D-AEEF-473A-997A-FBBE18246CB5",
"versionEndExcluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:ruggedcom_rm1224_lte\\(4g\\)_eu:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03D8CF59-D9D4-4C50-A6E6-D6B5BDB31AEC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:ruggedcom_rm1224_lte\\(4g\\)_nam_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "25FB249D-A143-457F-93C7-653DD76DEDF0",
"versionEndExcluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:ruggedcom_rm1224_lte\\(4g\\)_nam:-:*:*:*:*:*:*:*",
"matchCriteriaId": "400ACE99-AF15-4C20-9A6D-F8584DA5C7CE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m804pb_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "99CB7E58-2C7C-4569-9A5D-5BED18BF48D0",
"versionEndExcluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m804pb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6EBA42A-93FF-4883-8626-EF78D38374D3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m826-2_shdsl-router_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5BB2FE5E-C43B-4F13-A8A6-908E8AFC76B0",
"versionEndExcluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m826-2_shdsl-router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39951670-CF88-460C-B1D5-6DCFBC7F573D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m874-2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "29588219-DB22-4FFB-B069-DB8DF242052F",
"versionEndExcluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m874-2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C933ED27-2206-4734-8EB8-6A6431D1FBF1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m874-3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "71A50E33-00A9-40E2-93E1-359FDD3CF077",
"versionEndExcluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m874-3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3258DC7-0461-4C65-8292-85C9965EA83D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m876-3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5922A34F-A6A8-4215-83C5-9F7F279AC2CC",
"versionEndExcluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m876-3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BD221BA9-3448-49E4-B3A3-D88B939785AC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m876-4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CD7ABD5D-1250-441E-A768-5012DD3636CF",
"versionEndExcluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m876-4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "94E4CCE9-71F7-4960-B7DE-5298EFB7C619",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m874-3_3g-router_\\(cn\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3698100C-C634-48D2-B6EB-210C6784FF5D",
"versionEndExcluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m874-3_3g-router_\\(cn\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "FEA94E3C-6B00-407F-81BF-964D156E061F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m876-3_\\(rok\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "112CA300-C5BF-49D4-88C9-BFE9ADF49FAB",
"versionEndExcluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m876-3_\\(rok\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "A3FA80AA-4869-46BF-8A1B-17C54219338C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m876-4_\\(eu\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C96A6B66-687B-4B36-AA1D-14232BA034C0",
"versionEndExcluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m876-4_\\(eu\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "3886E130-C39C-43D2-8B1F-F773874F8002",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m876-4_\\(nam\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9F0F630F-540D-4BBC-BFEA-43642783B41A",
"versionEndExcluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m876-4_\\(nam\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "CDBED616-1074-44CE-98C8-48A5387A5DAF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_mum853-1_\\(a1\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2113F152-E2F7-4F38-9D41-2BBB4A9FE02B",
"versionEndExcluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_mum853-1_\\(a1\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC884995-EA34-4EFA-8B3A-5C7B9BC71C32",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_mum853-1_\\(b1\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C25F8111-2124-4610-A184-FF75022341E3",
"versionEndExcluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_mum853-1_\\(b1\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "A94E232B-12ED-4E9D-A6D7-C66391C48F06",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_mum853-1_\\(eu\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DA690767-51B8-4202-BF9E-96DE81DF3326",
"versionEndExcluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_mum853-1_\\(eu\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "94AF78F7-3DF5-40FA-A496-4523183DB792",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_mum856-1_\\(a1\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B63374D9-358B-4CF0-9E5D-432330612413",
"versionEndExcluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_mum856-1_\\(a1\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "FF849848-87EA-41D5-8E19-871A306D332A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_mum856-1_\\(b1\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "49B17408-D934-46B1-A879-42B310127632",
"versionEndExcluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_mum856-1_\\(b1\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "77E5245F-8AA7-4132-AA7F-1FE4F86B703E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_mum856-1_\\(cn\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8903A0DF-510A-4BDE-96B2-A3C38CB5A07C",
"versionEndExcluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_mum856-1_\\(cn\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B05B62B-1B41-4A3D-8591-57B4D0EF476F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_mum856-1_\\(eu\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A2F56C36-BCFA-4EBB-AF0D-7B90B5180759",
"versionEndExcluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_mum856-1_\\(eu\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "A219D2B9-1D71-4831-BD0B-790B7057344C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_mum856-1_\\(row\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3E8A926E-05D5-4B85-8B54-6B13C815CFCD",
"versionEndExcluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_mum856-1_\\(row\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D6FED00-E40C-458A-8D5C-9B1826DBAE24",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_s615_eec_lan-router_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7A9F5011-6FB8-476B-95C9-B42ECDF9ACF3",
"versionEndExcluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_s615_eec_lan-router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2E8F4C94-781F-4796-83DD-A28E6D347AD8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_s615_lan-router_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AA816C2D-54F1-44A2-B811-151155CD1387",
"versionEndExcluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_s615_lan-router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B98A1E7F-5A9A-4620-8137-7C1D84815917",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m812-1_\\(annex_a\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "40E4DE88-0B4E-40FD-A7BD-FD197A67AFEF",
"versionEndExcluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m812-1_\\(annex_a\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "B680E815-D9EF-41BC-A198-85332738B1B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m812-1_\\(annex_b\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AE90A25C-D574-4CAF-A2AF-61B27B3B699F",
"versionEndExcluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m812-1_\\(annex_b\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "0895418F-A4C6-40D3-8544-5AF3F5B54709",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m816-1_\\(annex_a\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "62F46C61-BFC9-4A81-8F15-F7878FC6E657",
"versionEndExcluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m816-1_\\(annex_a\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A1636E7-BF41-4BF6-8609-9675956FB947",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m816-1_\\(annex_b\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "661F446C-7A54-41F9-8F3C-75DAC5840B9C",
"versionEndExcluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m816-1_\\(annex_b\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "06E70F60-33E2-472F-9B25-FE19B964220B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions \u003c V8.1), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions \u003c V8.1), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions \u003c V8.1), SCALANCE M812-1 ADSL-Router family (All versions \u003c V8.1), SCALANCE M816-1 ADSL-Router family (All versions \u003c V8.1), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions \u003c V8.1), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions \u003c V8.1), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions \u003c V8.1), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions \u003c V8.1), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions \u003c V8.1), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions \u003c V8.1), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions \u003c V8.1), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions \u003c V8.1), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions \u003c V8.1), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions \u003c V8.1), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions \u003c V8.1), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions \u003c V8.1), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions \u003c V8.1), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions \u003c V8.1), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions \u003c V8.1), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions \u003c V8.1), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions \u003c V8.1), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions \u003c V8.1), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions \u003c V8.1). Affected devices do not properly enforce isolation between user sessions in their web server component. This could allow an authenticated remote attacker to escalate their privileges on the devices."
},
{
"lang": "es",
"value": "Se ha identificado una vulnerabilidad en RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (Todas las versiones \u0026lt; V8.1), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (Todas las versiones \u0026lt; V8.1 ), SCALANCE M804PB (6GK5804-0AP00-2AA2) (Todas las versiones \u0026lt; V8.1), Familia de enrutadores ADSL SCALANCE M812-1 (Todas las versiones \u0026lt; V8.1), Familia de enrutadores ADSL SCALANCE M816-1 (Todas las versiones \u0026lt; V8 .1), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (todas las versiones \u0026lt; V8.1), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (todas las versiones \u0026lt; V8.1), SCALANCE M874- 3 (6GK5874-3AA00-2AA2) (Todas las versiones \u0026lt; V8.1), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (Todas las versiones \u0026lt; V8.1), SCALANCE M876-3 (6GK5876- 3AA02-2BA2) (Todas las versiones \u0026lt; V8.1), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (Todas las versiones \u0026lt; V8.1), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (Todas las versiones \u0026lt; V8.1), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (Todas las versiones \u0026lt; V8.1), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (Todas las versiones \u0026lt; V8.1 ), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (Todas las versiones \u0026lt; V8.1), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (Todas las versiones \u0026lt; V8.1), SCALANCE MUM853 -1 (UE) (6GK5853-2EA00-2DA1) (Todas las versiones \u0026lt; V8.1), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (Todas las versiones \u0026lt; V8.1), SCALANCE MUM856-1 (B1 ) (6GK5856-2EA10-3BA1) (Todas las versiones \u0026lt; V8.1), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (Todas las versiones \u0026lt; V8.1), SCALANCE MUM856-1 (EU) (6GK5856- 2EA00-3DA1) (Todas las versiones \u0026lt; V8.1), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (Todas las versiones \u0026lt; V8.1), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) ( Todas las versiones \u0026lt; V8.1), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (Todas las versiones \u0026lt; V8.1). Los dispositivos afectados no aplican adecuadamente el aislamiento entre sesiones de usuario en su componente de servidor web. Esto podr\u00eda permitir que un atacante remoto autenticado escale sus privilegios en los dispositivos."
}
],
"id": "CVE-2024-41977",
"lastModified": "2024-08-23T18:39:13.990",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "productcert@siemens.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.1,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"automatable": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityRequirements": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"subsequentSystemAvailability": "NONE",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"vulnerableSystemAvailability": "HIGH",
"vulnerableSystemConfidentiality": "HIGH",
"vulnerableSystemIntegrity": "HIGH"
},
"source": "productcert@siemens.com",
"type": "Secondary"
}
]
},
"published": "2024-08-13T08:15:15.640",
"references": [
{
"source": "productcert@siemens.com",
"tags": [
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-087301.html"
}
],
"sourceIdentifier": "productcert@siemens.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-488"
}
],
"source": "productcert@siemens.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-11-12 13:15
Modified
2024-11-13 19:59
Severity ?
Summary
A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions < V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions < V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions < V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions < V8.2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V8.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V8.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V8.2), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions < V8.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V8.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V8.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V8.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V8.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V8.2), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions < V8.2), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions < V8.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V8.2), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions < V8.2), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions < V8.2), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions < V8.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V8.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V8.2), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V8.2), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V8.2). Affected devices do not properly sanitize an input field. This could allow an authenticated remote attacker with administrative privileges to inject code or spawn a system root shell.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/html/ssa-354112.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | ruggedcom_rm1224_lte\(4g\)_eu_firmware | * | |
| siemens | ruggedcom_rm1224_lte\(4g\)_eu | - | |
| siemens | ruggedcom_rm1224_lte\(4g\)_nam_firmware | * | |
| siemens | ruggedcom_rm1224_lte\(4g\)_nam | - | |
| siemens | scalance_m804pb_firmware | * | |
| siemens | scalance_m804pb | - | |
| siemens | scalance_m812-1_\(annex_a\)_firmware | * | |
| siemens | scalance_m812-1_\(annex_a\) | - | |
| siemens | scalance_m812-1_\(annex_b\)_firmware | * | |
| siemens | scalance_m812-1_\(annex_b\) | - | |
| siemens | scalance_m816-1_\(annex_a\)_firmware | * | |
| siemens | scalance_m816-1_\(annex_a\) | - | |
| siemens | scalance_m816-1_\(annex_b\)_firmware | * | |
| siemens | scalance_m816-1_\(annex_b\) | - | |
| siemens | scalance_m826-2_firmware | * | |
| siemens | scalance_m826-2 | - | |
| siemens | scalance_m874-2_firmware | * | |
| siemens | scalance_m874-2 | - | |
| siemens | scalance_m874-3_firmware | * | |
| siemens | scalance_m874-3 | - | |
| siemens | scalance_m874-3_\(cn\)_firmware | * | |
| siemens | scalance_m874-3_\(cn\) | - | |
| siemens | scalance_m876-3_firmware | * | |
| siemens | scalance_m876-3 | - | |
| siemens | scalance_m876-3_\(rok\)_firmware | * | |
| siemens | scalance_m876-3_\(rok\) | - | |
| siemens | scalance_m876-4_firmware | * | |
| siemens | scalance_m876-4 | - | |
| siemens | scalance_m876-4_\(eu\)_firmware | * | |
| siemens | scalance_m876-4_\(eu\) | - | |
| siemens | scalance_m876-4_\(nam\)_firmware | * | |
| siemens | scalance_m876-4_\(nam\) | - | |
| siemens | scalance_mum853-1_\(a1\)_firmware | * | |
| siemens | scalance_mum853-1_\(a1\) | - | |
| siemens | scalance_mum853-1_\(b1\)_firmware | * | |
| siemens | scalance_mum853-1_\(b1\) | - | |
| siemens | scalance_mum853-1_\(eu\)_firmware | * | |
| siemens | scalance_mum853-1_\(eu\) | - | |
| siemens | scalance_mum856-1_\(a1\)_firmware | * | |
| siemens | scalance_mum856-1_\(a1\) | - | |
| siemens | scalance_mum856-1_\(b1\)_firmware | * | |
| siemens | scalance_mum856-1_\(b1\) | - | |
| siemens | scalance_mum856-1_\(cn\)_firmware | * | |
| siemens | scalance_mum856-1_\(cn\) | - | |
| siemens | scalance_mum856-1_\(eu\)_firmware | * | |
| siemens | scalance_mum856-1_\(eu\) | - | |
| siemens | scalance_mum856-1_\(row\)_firmware | * | |
| siemens | scalance_mum856-1_\(row\) | - | |
| siemens | scalance_s615_eec_firmware | * | |
| siemens | scalance_s615_eec | - | |
| siemens | scalance_s615_firmware | * | |
| siemens | scalance_s615 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:ruggedcom_rm1224_lte\\(4g\\)_eu_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4F7981A8-C60A-45EE-92E5-8149A3F7760F",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:ruggedcom_rm1224_lte\\(4g\\)_eu:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03D8CF59-D9D4-4C50-A6E6-D6B5BDB31AEC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:ruggedcom_rm1224_lte\\(4g\\)_nam_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6BF2D6E7-45CD-4303-B9A9-A576BC2F1B6F",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:ruggedcom_rm1224_lte\\(4g\\)_nam:-:*:*:*:*:*:*:*",
"matchCriteriaId": "400ACE99-AF15-4C20-9A6D-F8584DA5C7CE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m804pb_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "077F8316-E68A-4787-88EF-8016D8F06F00",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m804pb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6EBA42A-93FF-4883-8626-EF78D38374D3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m812-1_\\(annex_a\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "780808FF-1144-4AEE-9E72-DE5B19870E2F",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m812-1_\\(annex_a\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "B680E815-D9EF-41BC-A198-85332738B1B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m812-1_\\(annex_b\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C3148BA6-091B-4203-B12E-2FFCEA1DB22D",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m812-1_\\(annex_b\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "0895418F-A4C6-40D3-8544-5AF3F5B54709",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m816-1_\\(annex_a\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0BCD7E43-4CF9-4937-8A62-4B42FE03584F",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m816-1_\\(annex_a\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A1636E7-BF41-4BF6-8609-9675956FB947",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m816-1_\\(annex_b\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A2594F8F-9DEF-4FC4-9068-B5A29C4DBA92",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m816-1_\\(annex_b\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "06E70F60-33E2-472F-9B25-FE19B964220B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m826-2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EDF99EF5-12B4-45EE-9BC3-59E9F744376B",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m826-2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60458734-FF87-48E9-9B63-5AB9EA5ED0E5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m874-2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1DD142E4-6F7F-4751-93B6-C3508A0828DA",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m874-2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C933ED27-2206-4734-8EB8-6A6431D1FBF1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m874-3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1B7D6063-EB3D-4150-9B89-D62C38E65787",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m874-3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3258DC7-0461-4C65-8292-85C9965EA83D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m874-3_\\(cn\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F8D5BDB5-AE39-472C-9A76-243DC01C97F8",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m874-3_\\(cn\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "71B11BE1-57EB-43AB-8F7A-AFE5BA28D34A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m876-3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BFE41F12-80FC-46CE-BBFA-E11695C56E30",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m876-3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BD221BA9-3448-49E4-B3A3-D88B939785AC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m876-3_\\(rok\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D5A8F79E-C849-4D3B-9103-8068DD84DAEC",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m876-3_\\(rok\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "A3FA80AA-4869-46BF-8A1B-17C54219338C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m876-4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FA02FE0C-5813-4994-9887-BE0AB1344FEB",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m876-4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "94E4CCE9-71F7-4960-B7DE-5298EFB7C619",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m876-4_\\(eu\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B43540C5-9208-42C9-BDB6-2D6C0EB665C7",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m876-4_\\(eu\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "3886E130-C39C-43D2-8B1F-F773874F8002",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m876-4_\\(nam\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EC56B2F3-EEF5-4891-92EE-917F6EA685E7",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m876-4_\\(nam\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "CDBED616-1074-44CE-98C8-48A5387A5DAF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_mum853-1_\\(a1\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BD477A4C-4C41-4068-872C-2D633E2DB5C9",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_mum853-1_\\(a1\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC884995-EA34-4EFA-8B3A-5C7B9BC71C32",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_mum853-1_\\(b1\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "01EEE560-AC67-47FE-8B30-F699CAF951FF",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_mum853-1_\\(b1\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "A94E232B-12ED-4E9D-A6D7-C66391C48F06",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_mum853-1_\\(eu\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5C0D7706-40DC-4598-B24C-9BD7B20B31F4",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_mum853-1_\\(eu\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "94AF78F7-3DF5-40FA-A496-4523183DB792",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_mum856-1_\\(a1\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6D13A44E-DE1F-4BE3-AD0B-FCF4E8DAA9E7",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_mum856-1_\\(a1\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "FF849848-87EA-41D5-8E19-871A306D332A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_mum856-1_\\(b1\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C56063A9-5A2A-4F19-AAAC-A40A01D0D69F",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_mum856-1_\\(b1\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "77E5245F-8AA7-4132-AA7F-1FE4F86B703E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_mum856-1_\\(cn\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "27486547-EDF2-45C2-84FF-7B74D75304F6",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_mum856-1_\\(cn\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B05B62B-1B41-4A3D-8591-57B4D0EF476F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_mum856-1_\\(eu\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "124DE318-3EFE-4FDA-8306-462BB936F892",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_mum856-1_\\(eu\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "A219D2B9-1D71-4831-BD0B-790B7057344C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_mum856-1_\\(row\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "973C1E5B-8A98-4345-8BE3-A4B7B39EEF4F",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_mum856-1_\\(row\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D6FED00-E40C-458A-8D5C-9B1826DBAE24",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_s615_eec_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7246F2E8-0A0E-4020-B806-421DB0B91C0B",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_s615_eec:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AA5D94EA-C407-446F-B98F-F647ACBBA010",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_s615_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F16CD316-4D89-45B7-83C1-138236898C0A",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_s615:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E917CBBB-EF41-4113-B0CA-EB91889235E7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions \u003c V8.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions \u003c V8.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions \u003c V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions \u003c V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions \u003c V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions \u003c V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions \u003c V8.2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions \u003c V8.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions \u003c V8.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions \u003c V8.2), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions \u003c V8.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions \u003c V8.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions \u003c V8.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions \u003c V8.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions \u003c V8.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions \u003c V8.2), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions \u003c V8.2), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions \u003c V8.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions \u003c V8.2), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions \u003c V8.2), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions \u003c V8.2). Affected devices do not properly sanitize an input field. This could allow an authenticated remote attacker with administrative privileges to inject code or spawn a system root shell."
},
{
"lang": "es",
"value": "Se ha identificado una vulnerabilidad en RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (Todas las versiones \u0026lt; V8.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (Todas las versiones \u0026lt; V8.2), Enrutador ADSL SCALANCE M816-1 (6GK5816-1BA00-2AA2) (Todas las versiones \u0026lt; V8.2), Enrutador SHDSL SCALANCE M826-2 (6GK5826-2AB00-2AB2) (Todas las versiones \u0026lt; V8.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (Todas las versiones \u0026lt; V8.2), Enrutador 3G SCALANCE M874-3 (CN) (6GK5874-3AA00-2FA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (Todas las versiones \u0026lt; V8.2), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (Todas las versiones \u0026lt; V8.2), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (Todas las versiones \u0026lt; V8.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (Todas las versiones \u0026lt; V8.2), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (Todas las versiones \u0026lt; V8.2), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (Todas las versiones \u0026lt; V8.2), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (Todas las versiones \u0026lt; V8.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (Todas las versiones \u0026lt; V8.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (Todas las versiones \u0026lt; V8.2), SCALANCE Enrutador LAN S615 EEC (6GK5615-0AA01-2AA2) (todas las versiones anteriores a la V8.2), enrutador LAN SCALANCE S615 (6GK5615-0AA00-2AA2) (todas las versiones anteriores a la V8.2). Los dispositivos afectados no desinfectan correctamente un campo de entrada. Esto podr\u00eda permitir que un atacante remoto autenticado con privilegios administrativos inyecte c\u00f3digo o genere un shell ra\u00edz del sistema."
}
],
"id": "CVE-2024-50572",
"lastModified": "2024-11-13T19:59:16.777",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "productcert@siemens.com",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"automatable": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityRequirements": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"subsequentSystemAvailability": "NONE",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"vulnerableSystemAvailability": "HIGH",
"vulnerableSystemConfidentiality": "HIGH",
"vulnerableSystemIntegrity": "HIGH"
},
"source": "productcert@siemens.com",
"type": "Primary"
}
]
},
"published": "2024-11-12T13:15:13.503",
"references": [
{
"source": "productcert@siemens.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-354112.html"
}
],
"sourceIdentifier": "productcert@siemens.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-74"
}
],
"source": "productcert@siemens.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-11-12 13:15
Modified
2024-11-13 19:56
Severity ?
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Summary
A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions < V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions < V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions < V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions < V8.2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V8.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V8.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V8.2), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions < V8.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V8.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V8.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V8.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V8.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V8.2), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions < V8.2), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions < V8.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V8.2), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions < V8.2), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions < V8.2), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions < V8.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V8.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V8.2), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V8.2), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V8.2). Affected devices do not properly validate the filenames of the certificate. This could allow an authenticated remote attacker to append arbitrary values which will lead to compromise of integrity of the system.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/html/ssa-354112.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | ruggedcom_rm1224_lte\(4g\)_eu_firmware | * | |
| siemens | ruggedcom_rm1224_lte\(4g\)_eu | - | |
| siemens | ruggedcom_rm1224_lte\(4g\)_nam_firmware | * | |
| siemens | ruggedcom_rm1224_lte\(4g\)_nam | - | |
| siemens | scalance_m804pb_firmware | * | |
| siemens | scalance_m804pb | - | |
| siemens | scalance_m812-1_\(annex_a\)_firmware | * | |
| siemens | scalance_m812-1_\(annex_a\) | - | |
| siemens | scalance_m812-1_\(annex_b\)_firmware | * | |
| siemens | scalance_m812-1_\(annex_b\) | - | |
| siemens | scalance_m816-1_\(annex_a\)_firmware | * | |
| siemens | scalance_m816-1_\(annex_a\) | - | |
| siemens | scalance_m816-1_\(annex_b\)_firmware | * | |
| siemens | scalance_m816-1_\(annex_b\) | - | |
| siemens | scalance_m826-2_firmware | * | |
| siemens | scalance_m826-2 | - | |
| siemens | scalance_m874-2_firmware | * | |
| siemens | scalance_m874-2 | - | |
| siemens | scalance_m874-3_firmware | * | |
| siemens | scalance_m874-3 | - | |
| siemens | scalance_m874-3_\(cn\)_firmware | * | |
| siemens | scalance_m874-3_\(cn\) | - | |
| siemens | scalance_m876-3_firmware | * | |
| siemens | scalance_m876-3 | - | |
| siemens | scalance_m876-3_\(rok\)_firmware | * | |
| siemens | scalance_m876-3_\(rok\) | - | |
| siemens | scalance_m876-4_firmware | * | |
| siemens | scalance_m876-4 | - | |
| siemens | scalance_m876-4_\(eu\)_firmware | * | |
| siemens | scalance_m876-4_\(eu\) | - | |
| siemens | scalance_m876-4_\(nam\)_firmware | * | |
| siemens | scalance_m876-4_\(nam\) | - | |
| siemens | scalance_mum853-1_\(a1\)_firmware | * | |
| siemens | scalance_mum853-1_\(a1\) | - | |
| siemens | scalance_mum853-1_\(b1\)_firmware | * | |
| siemens | scalance_mum853-1_\(b1\) | - | |
| siemens | scalance_mum853-1_\(eu\)_firmware | * | |
| siemens | scalance_mum853-1_\(eu\) | - | |
| siemens | scalance_mum856-1_\(a1\)_firmware | * | |
| siemens | scalance_mum856-1_\(a1\) | - | |
| siemens | scalance_mum856-1_\(b1\)_firmware | * | |
| siemens | scalance_mum856-1_\(b1\) | - | |
| siemens | scalance_mum856-1_\(cn\)_firmware | * | |
| siemens | scalance_mum856-1_\(cn\) | - | |
| siemens | scalance_mum856-1_\(eu\)_firmware | * | |
| siemens | scalance_mum856-1_\(eu\) | - | |
| siemens | scalance_mum856-1_\(row\)_firmware | * | |
| siemens | scalance_mum856-1_\(row\) | - | |
| siemens | scalance_s615_eec_firmware | * | |
| siemens | scalance_s615_eec | - | |
| siemens | scalance_s615_firmware | * | |
| siemens | scalance_s615 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:ruggedcom_rm1224_lte\\(4g\\)_eu_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4F7981A8-C60A-45EE-92E5-8149A3F7760F",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:ruggedcom_rm1224_lte\\(4g\\)_eu:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03D8CF59-D9D4-4C50-A6E6-D6B5BDB31AEC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:ruggedcom_rm1224_lte\\(4g\\)_nam_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6BF2D6E7-45CD-4303-B9A9-A576BC2F1B6F",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:ruggedcom_rm1224_lte\\(4g\\)_nam:-:*:*:*:*:*:*:*",
"matchCriteriaId": "400ACE99-AF15-4C20-9A6D-F8584DA5C7CE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m804pb_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "077F8316-E68A-4787-88EF-8016D8F06F00",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m804pb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6EBA42A-93FF-4883-8626-EF78D38374D3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m812-1_\\(annex_a\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "780808FF-1144-4AEE-9E72-DE5B19870E2F",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m812-1_\\(annex_a\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "B680E815-D9EF-41BC-A198-85332738B1B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m812-1_\\(annex_b\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C3148BA6-091B-4203-B12E-2FFCEA1DB22D",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m812-1_\\(annex_b\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "0895418F-A4C6-40D3-8544-5AF3F5B54709",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m816-1_\\(annex_a\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0BCD7E43-4CF9-4937-8A62-4B42FE03584F",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m816-1_\\(annex_a\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A1636E7-BF41-4BF6-8609-9675956FB947",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m816-1_\\(annex_b\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A2594F8F-9DEF-4FC4-9068-B5A29C4DBA92",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m816-1_\\(annex_b\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "06E70F60-33E2-472F-9B25-FE19B964220B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m826-2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EDF99EF5-12B4-45EE-9BC3-59E9F744376B",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m826-2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60458734-FF87-48E9-9B63-5AB9EA5ED0E5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m874-2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1DD142E4-6F7F-4751-93B6-C3508A0828DA",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m874-2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C933ED27-2206-4734-8EB8-6A6431D1FBF1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m874-3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1B7D6063-EB3D-4150-9B89-D62C38E65787",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m874-3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3258DC7-0461-4C65-8292-85C9965EA83D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m874-3_\\(cn\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F8D5BDB5-AE39-472C-9A76-243DC01C97F8",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m874-3_\\(cn\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "71B11BE1-57EB-43AB-8F7A-AFE5BA28D34A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m876-3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BFE41F12-80FC-46CE-BBFA-E11695C56E30",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m876-3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BD221BA9-3448-49E4-B3A3-D88B939785AC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m876-3_\\(rok\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D5A8F79E-C849-4D3B-9103-8068DD84DAEC",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m876-3_\\(rok\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "A3FA80AA-4869-46BF-8A1B-17C54219338C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m876-4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FA02FE0C-5813-4994-9887-BE0AB1344FEB",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m876-4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "94E4CCE9-71F7-4960-B7DE-5298EFB7C619",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m876-4_\\(eu\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B43540C5-9208-42C9-BDB6-2D6C0EB665C7",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m876-4_\\(eu\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "3886E130-C39C-43D2-8B1F-F773874F8002",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m876-4_\\(nam\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EC56B2F3-EEF5-4891-92EE-917F6EA685E7",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m876-4_\\(nam\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "CDBED616-1074-44CE-98C8-48A5387A5DAF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_mum853-1_\\(a1\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BD477A4C-4C41-4068-872C-2D633E2DB5C9",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_mum853-1_\\(a1\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC884995-EA34-4EFA-8B3A-5C7B9BC71C32",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_mum853-1_\\(b1\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "01EEE560-AC67-47FE-8B30-F699CAF951FF",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_mum853-1_\\(b1\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "A94E232B-12ED-4E9D-A6D7-C66391C48F06",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_mum853-1_\\(eu\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5C0D7706-40DC-4598-B24C-9BD7B20B31F4",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_mum853-1_\\(eu\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "94AF78F7-3DF5-40FA-A496-4523183DB792",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_mum856-1_\\(a1\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6D13A44E-DE1F-4BE3-AD0B-FCF4E8DAA9E7",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_mum856-1_\\(a1\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "FF849848-87EA-41D5-8E19-871A306D332A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_mum856-1_\\(b1\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C56063A9-5A2A-4F19-AAAC-A40A01D0D69F",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_mum856-1_\\(b1\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "77E5245F-8AA7-4132-AA7F-1FE4F86B703E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_mum856-1_\\(cn\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "27486547-EDF2-45C2-84FF-7B74D75304F6",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_mum856-1_\\(cn\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B05B62B-1B41-4A3D-8591-57B4D0EF476F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_mum856-1_\\(eu\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "124DE318-3EFE-4FDA-8306-462BB936F892",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_mum856-1_\\(eu\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "A219D2B9-1D71-4831-BD0B-790B7057344C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_mum856-1_\\(row\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "973C1E5B-8A98-4345-8BE3-A4B7B39EEF4F",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_mum856-1_\\(row\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D6FED00-E40C-458A-8D5C-9B1826DBAE24",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_s615_eec_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7246F2E8-0A0E-4020-B806-421DB0B91C0B",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_s615_eec:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AA5D94EA-C407-446F-B98F-F647ACBBA010",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_s615_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F16CD316-4D89-45B7-83C1-138236898C0A",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_s615:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E917CBBB-EF41-4113-B0CA-EB91889235E7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions \u003c V8.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions \u003c V8.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions \u003c V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions \u003c V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions \u003c V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions \u003c V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions \u003c V8.2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions \u003c V8.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions \u003c V8.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions \u003c V8.2), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions \u003c V8.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions \u003c V8.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions \u003c V8.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions \u003c V8.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions \u003c V8.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions \u003c V8.2), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions \u003c V8.2), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions \u003c V8.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions \u003c V8.2), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions \u003c V8.2), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions \u003c V8.2). Affected devices do not properly validate the filenames of the certificate. This could allow an authenticated remote attacker to append arbitrary values which will lead to compromise of integrity of the system."
},
{
"lang": "es",
"value": "Se ha identificado una vulnerabilidad en RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (Todas las versiones \u0026lt; V8.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (Todas las versiones \u0026lt; V8.2), Enrutador ADSL SCALANCE M816-1 (6GK5816-1BA00-2AA2) (Todas las versiones \u0026lt; V8.2), Enrutador SHDSL SCALANCE M826-2 (6GK5826-2AB00-2AB2) (Todas las versiones \u0026lt; V8.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (Todas las versiones \u0026lt; V8.2), Enrutador 3G SCALANCE M874-3 (CN) (6GK5874-3AA00-2FA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (Todas las versiones \u0026lt; V8.2), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (Todas las versiones \u0026lt; V8.2), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (Todas las versiones \u0026lt; V8.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (Todas las versiones \u0026lt; V8.2), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (Todas las versiones \u0026lt; V8.2), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (Todas las versiones \u0026lt; V8.2), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (Todas las versiones \u0026lt; V8.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (Todas las versiones \u0026lt; V8.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (Todas las versiones \u0026lt; V8.2), SCALANCE Enrutador LAN S615 EEC (6GK5615-0AA01-2AA2) (todas las versiones \u0026lt; V8.2), enrutador LAN SCALANCE S615 (6GK5615-0AA00-2AA2) (todas las versiones \u0026lt; V8.2). Los dispositivos afectados no validan correctamente los nombres de archivo del certificado. Esto podr\u00eda permitir que un atacante remoto autenticado agregue valores arbitrarios que comprometer\u00e1n la integridad del sistema."
}
],
"id": "CVE-2024-50559",
"lastModified": "2024-11-13T19:56:31.780",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "productcert@siemens.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"automatable": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityRequirements": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"subsequentSystemAvailability": "NONE",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"vulnerableSystemAvailability": "NONE",
"vulnerableSystemConfidentiality": "NONE",
"vulnerableSystemIntegrity": "LOW"
},
"source": "productcert@siemens.com",
"type": "Secondary"
}
]
},
"published": "2024-11-12T13:15:12.653",
"references": [
{
"source": "productcert@siemens.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-354112.html"
}
],
"sourceIdentifier": "productcert@siemens.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "productcert@siemens.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-11-12 13:15
Modified
2024-11-13 19:57
Severity ?
3.1 (Low) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Summary
A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions < V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions < V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions < V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions < V8.2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V8.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V8.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V8.2), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions < V8.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V8.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V8.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V8.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V8.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V8.2), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions < V8.2), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions < V8.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V8.2), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions < V8.2), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions < V8.2), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions < V8.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V8.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V8.2), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V8.2), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V8.2). Affected devices truncates usernames longer than 15 characters when accessed via SSH or Telnet. This could allow an attacker to compromise system integrity.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/html/ssa-354112.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | ruggedcom_rm1224_lte\(4g\)_eu_firmware | * | |
| siemens | ruggedcom_rm1224_lte\(4g\)_eu | - | |
| siemens | ruggedcom_rm1224_lte\(4g\)_nam_firmware | * | |
| siemens | ruggedcom_rm1224_lte\(4g\)_nam | - | |
| siemens | scalance_m804pb_firmware | * | |
| siemens | scalance_m804pb | - | |
| siemens | scalance_m812-1_\(annex_a\)_firmware | * | |
| siemens | scalance_m812-1_\(annex_a\) | - | |
| siemens | scalance_m812-1_\(annex_b\)_firmware | * | |
| siemens | scalance_m812-1_\(annex_b\) | - | |
| siemens | scalance_m816-1_\(annex_a\)_firmware | * | |
| siemens | scalance_m816-1_\(annex_a\) | - | |
| siemens | scalance_m816-1_\(annex_b\)_firmware | * | |
| siemens | scalance_m816-1_\(annex_b\) | - | |
| siemens | scalance_m826-2_firmware | * | |
| siemens | scalance_m826-2 | - | |
| siemens | scalance_m874-2_firmware | * | |
| siemens | scalance_m874-2 | - | |
| siemens | scalance_m874-3_firmware | * | |
| siemens | scalance_m874-3 | - | |
| siemens | scalance_m874-3_\(cn\)_firmware | * | |
| siemens | scalance_m874-3_\(cn\) | - | |
| siemens | scalance_m876-3_firmware | * | |
| siemens | scalance_m876-3 | - | |
| siemens | scalance_m876-3_\(rok\)_firmware | * | |
| siemens | scalance_m876-3_\(rok\) | - | |
| siemens | scalance_m876-4_firmware | * | |
| siemens | scalance_m876-4 | - | |
| siemens | scalance_m876-4_\(eu\)_firmware | * | |
| siemens | scalance_m876-4_\(eu\) | - | |
| siemens | scalance_m876-4_\(nam\)_firmware | * | |
| siemens | scalance_m876-4_\(nam\) | - | |
| siemens | scalance_mum853-1_\(a1\)_firmware | * | |
| siemens | scalance_mum853-1_\(a1\) | - | |
| siemens | scalance_mum853-1_\(b1\)_firmware | * | |
| siemens | scalance_mum853-1_\(b1\) | - | |
| siemens | scalance_mum853-1_\(eu\)_firmware | * | |
| siemens | scalance_mum853-1_\(eu\) | - | |
| siemens | scalance_mum856-1_\(a1\)_firmware | * | |
| siemens | scalance_mum856-1_\(a1\) | - | |
| siemens | scalance_mum856-1_\(b1\)_firmware | * | |
| siemens | scalance_mum856-1_\(b1\) | - | |
| siemens | scalance_mum856-1_\(cn\)_firmware | * | |
| siemens | scalance_mum856-1_\(cn\) | - | |
| siemens | scalance_mum856-1_\(eu\)_firmware | * | |
| siemens | scalance_mum856-1_\(eu\) | - | |
| siemens | scalance_mum856-1_\(row\)_firmware | * | |
| siemens | scalance_mum856-1_\(row\) | - | |
| siemens | scalance_s615_eec_firmware | * | |
| siemens | scalance_s615_eec | - | |
| siemens | scalance_s615_firmware | * | |
| siemens | scalance_s615 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:ruggedcom_rm1224_lte\\(4g\\)_eu_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4F7981A8-C60A-45EE-92E5-8149A3F7760F",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:ruggedcom_rm1224_lte\\(4g\\)_eu:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03D8CF59-D9D4-4C50-A6E6-D6B5BDB31AEC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:ruggedcom_rm1224_lte\\(4g\\)_nam_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6BF2D6E7-45CD-4303-B9A9-A576BC2F1B6F",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:ruggedcom_rm1224_lte\\(4g\\)_nam:-:*:*:*:*:*:*:*",
"matchCriteriaId": "400ACE99-AF15-4C20-9A6D-F8584DA5C7CE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m804pb_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "077F8316-E68A-4787-88EF-8016D8F06F00",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m804pb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6EBA42A-93FF-4883-8626-EF78D38374D3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m812-1_\\(annex_a\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "780808FF-1144-4AEE-9E72-DE5B19870E2F",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m812-1_\\(annex_a\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "B680E815-D9EF-41BC-A198-85332738B1B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m812-1_\\(annex_b\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C3148BA6-091B-4203-B12E-2FFCEA1DB22D",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m812-1_\\(annex_b\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "0895418F-A4C6-40D3-8544-5AF3F5B54709",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m816-1_\\(annex_a\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0BCD7E43-4CF9-4937-8A62-4B42FE03584F",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m816-1_\\(annex_a\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A1636E7-BF41-4BF6-8609-9675956FB947",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m816-1_\\(annex_b\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A2594F8F-9DEF-4FC4-9068-B5A29C4DBA92",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m816-1_\\(annex_b\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "06E70F60-33E2-472F-9B25-FE19B964220B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m826-2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EDF99EF5-12B4-45EE-9BC3-59E9F744376B",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m826-2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60458734-FF87-48E9-9B63-5AB9EA5ED0E5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m874-2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1DD142E4-6F7F-4751-93B6-C3508A0828DA",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m874-2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C933ED27-2206-4734-8EB8-6A6431D1FBF1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m874-3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1B7D6063-EB3D-4150-9B89-D62C38E65787",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m874-3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3258DC7-0461-4C65-8292-85C9965EA83D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m874-3_\\(cn\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F8D5BDB5-AE39-472C-9A76-243DC01C97F8",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m874-3_\\(cn\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "71B11BE1-57EB-43AB-8F7A-AFE5BA28D34A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m876-3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BFE41F12-80FC-46CE-BBFA-E11695C56E30",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m876-3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BD221BA9-3448-49E4-B3A3-D88B939785AC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m876-3_\\(rok\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D5A8F79E-C849-4D3B-9103-8068DD84DAEC",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m876-3_\\(rok\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "A3FA80AA-4869-46BF-8A1B-17C54219338C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m876-4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FA02FE0C-5813-4994-9887-BE0AB1344FEB",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m876-4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "94E4CCE9-71F7-4960-B7DE-5298EFB7C619",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m876-4_\\(eu\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B43540C5-9208-42C9-BDB6-2D6C0EB665C7",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m876-4_\\(eu\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "3886E130-C39C-43D2-8B1F-F773874F8002",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m876-4_\\(nam\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EC56B2F3-EEF5-4891-92EE-917F6EA685E7",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m876-4_\\(nam\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "CDBED616-1074-44CE-98C8-48A5387A5DAF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_mum853-1_\\(a1\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BD477A4C-4C41-4068-872C-2D633E2DB5C9",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_mum853-1_\\(a1\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC884995-EA34-4EFA-8B3A-5C7B9BC71C32",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_mum853-1_\\(b1\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "01EEE560-AC67-47FE-8B30-F699CAF951FF",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_mum853-1_\\(b1\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "A94E232B-12ED-4E9D-A6D7-C66391C48F06",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_mum853-1_\\(eu\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5C0D7706-40DC-4598-B24C-9BD7B20B31F4",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_mum853-1_\\(eu\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "94AF78F7-3DF5-40FA-A496-4523183DB792",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_mum856-1_\\(a1\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6D13A44E-DE1F-4BE3-AD0B-FCF4E8DAA9E7",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_mum856-1_\\(a1\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "FF849848-87EA-41D5-8E19-871A306D332A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_mum856-1_\\(b1\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C56063A9-5A2A-4F19-AAAC-A40A01D0D69F",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_mum856-1_\\(b1\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "77E5245F-8AA7-4132-AA7F-1FE4F86B703E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_mum856-1_\\(cn\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "27486547-EDF2-45C2-84FF-7B74D75304F6",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_mum856-1_\\(cn\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B05B62B-1B41-4A3D-8591-57B4D0EF476F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_mum856-1_\\(eu\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "124DE318-3EFE-4FDA-8306-462BB936F892",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_mum856-1_\\(eu\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "A219D2B9-1D71-4831-BD0B-790B7057344C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_mum856-1_\\(row\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "973C1E5B-8A98-4345-8BE3-A4B7B39EEF4F",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_mum856-1_\\(row\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D6FED00-E40C-458A-8D5C-9B1826DBAE24",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_s615_eec_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7246F2E8-0A0E-4020-B806-421DB0B91C0B",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_s615_eec:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AA5D94EA-C407-446F-B98F-F647ACBBA010",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_s615_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F16CD316-4D89-45B7-83C1-138236898C0A",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_s615:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E917CBBB-EF41-4113-B0CA-EB91889235E7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions \u003c V8.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions \u003c V8.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions \u003c V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions \u003c V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions \u003c V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions \u003c V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions \u003c V8.2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions \u003c V8.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions \u003c V8.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions \u003c V8.2), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions \u003c V8.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions \u003c V8.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions \u003c V8.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions \u003c V8.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions \u003c V8.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions \u003c V8.2), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions \u003c V8.2), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions \u003c V8.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions \u003c V8.2), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions \u003c V8.2), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions \u003c V8.2). Affected devices truncates usernames longer than 15 characters when accessed via SSH or Telnet. This could allow an attacker to compromise system integrity."
},
{
"lang": "es",
"value": "Se ha identificado una vulnerabilidad en RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (Todas las versiones \u0026lt; V8.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (Todas las versiones \u0026lt; V8.2), Enrutador ADSL SCALANCE M816-1 (6GK5816-1BA00-2AA2) (Todas las versiones \u0026lt; V8.2), Enrutador SHDSL SCALANCE M826-2 (6GK5826-2AB00-2AB2) (Todas las versiones \u0026lt; V8.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (Todas las versiones \u0026lt; V8.2), Enrutador 3G SCALANCE M874-3 (CN) (6GK5874-3AA00-2FA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (Todas las versiones \u0026lt; V8.2), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (Todas las versiones \u0026lt; V8.2), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (Todas las versiones \u0026lt; V8.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (Todas las versiones \u0026lt; V8.2), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (Todas las versiones \u0026lt; V8.2), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (Todas las versiones \u0026lt; V8.2), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (Todas las versiones \u0026lt; V8.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (Todas las versiones \u0026lt; V8.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (Todas las versiones \u0026lt; V8.2), SCALANCE Enrutador LAN S615 EEC (6GK5615-0AA01-2AA2) (todas las versiones anteriores a la V8.2), enrutador LAN SCALANCE S615 (6GK5615-0AA00-2AA2) (todas las versiones anteriores a la V8.2). Los dispositivos afectados truncan los nombres de usuario de m\u00e1s de 15 caracteres cuando se accede a ellos a trav\u00e9s de SSH o Telnet. Esto podr\u00eda permitir que un atacante comprometa la integridad del sistema."
}
],
"id": "CVE-2024-50560",
"lastModified": "2024-11-13T19:57:26.073",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 1.4,
"source": "productcert@siemens.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"automatable": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"baseScore": 2.3,
"baseSeverity": "LOW",
"confidentialityRequirements": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"subsequentSystemAvailability": "NONE",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"vulnerableSystemAvailability": "NONE",
"vulnerableSystemConfidentiality": "NONE",
"vulnerableSystemIntegrity": "LOW"
},
"source": "productcert@siemens.com",
"type": "Secondary"
}
]
},
"published": "2024-11-12T13:15:12.913",
"references": [
{
"source": "productcert@siemens.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-354112.html"
}
],
"sourceIdentifier": "productcert@siemens.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "productcert@siemens.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-11-12 13:15
Modified
2024-11-13 19:55
Severity ?
Summary
A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions < V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions < V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions < V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions < V8.2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V8.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V8.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V8.2), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions < V8.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V8.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V8.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V8.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V8.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V8.2), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions < V8.2), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions < V8.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V8.2), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions < V8.2), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions < V8.2), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions < V8.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V8.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V8.2), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V8.2), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V8.2). Affected devices improperly manage access control for read-only users. This could allow an attacker to cause a temporary denial of service condition.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/html/ssa-354112.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | ruggedcom_rm1224_lte\(4g\)_eu_firmware | * | |
| siemens | ruggedcom_rm1224_lte\(4g\)_eu | - | |
| siemens | ruggedcom_rm1224_lte\(4g\)_nam_firmware | * | |
| siemens | ruggedcom_rm1224_lte\(4g\)_nam | - | |
| siemens | scalance_m804pb_firmware | * | |
| siemens | scalance_m804pb | - | |
| siemens | scalance_m812-1_\(annex_a\)_firmware | * | |
| siemens | scalance_m812-1_\(annex_a\) | - | |
| siemens | scalance_m812-1_\(annex_b\)_firmware | * | |
| siemens | scalance_m812-1_\(annex_b\) | - | |
| siemens | scalance_m816-1_\(annex_a\)_firmware | * | |
| siemens | scalance_m816-1_\(annex_a\) | - | |
| siemens | scalance_m816-1_\(annex_b\)_firmware | * | |
| siemens | scalance_m816-1_\(annex_b\) | - | |
| siemens | scalance_m826-2_firmware | * | |
| siemens | scalance_m826-2 | - | |
| siemens | scalance_m874-2_firmware | * | |
| siemens | scalance_m874-2 | - | |
| siemens | scalance_m874-3_firmware | * | |
| siemens | scalance_m874-3 | - | |
| siemens | scalance_m874-3_\(cn\)_firmware | * | |
| siemens | scalance_m874-3_\(cn\) | - | |
| siemens | scalance_m876-3_firmware | * | |
| siemens | scalance_m876-3 | - | |
| siemens | scalance_m876-3_\(rok\)_firmware | * | |
| siemens | scalance_m876-3_\(rok\) | - | |
| siemens | scalance_m876-4_firmware | * | |
| siemens | scalance_m876-4 | - | |
| siemens | scalance_m876-4_\(eu\)_firmware | * | |
| siemens | scalance_m876-4_\(eu\) | - | |
| siemens | scalance_m876-4_\(nam\)_firmware | * | |
| siemens | scalance_m876-4_\(nam\) | - | |
| siemens | scalance_mum853-1_\(a1\)_firmware | * | |
| siemens | scalance_mum853-1_\(a1\) | - | |
| siemens | scalance_mum853-1_\(b1\)_firmware | * | |
| siemens | scalance_mum853-1_\(b1\) | - | |
| siemens | scalance_mum853-1_\(eu\)_firmware | * | |
| siemens | scalance_mum853-1_\(eu\) | - | |
| siemens | scalance_mum856-1_\(a1\)_firmware | * | |
| siemens | scalance_mum856-1_\(a1\) | - | |
| siemens | scalance_mum856-1_\(b1\)_firmware | * | |
| siemens | scalance_mum856-1_\(b1\) | - | |
| siemens | scalance_mum856-1_\(cn\)_firmware | * | |
| siemens | scalance_mum856-1_\(cn\) | - | |
| siemens | scalance_mum856-1_\(eu\)_firmware | * | |
| siemens | scalance_mum856-1_\(eu\) | - | |
| siemens | scalance_mum856-1_\(row\)_firmware | * | |
| siemens | scalance_mum856-1_\(row\) | - | |
| siemens | scalance_s615_eec_firmware | * | |
| siemens | scalance_s615_eec | - | |
| siemens | scalance_s615_firmware | * | |
| siemens | scalance_s615 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:ruggedcom_rm1224_lte\\(4g\\)_eu_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4F7981A8-C60A-45EE-92E5-8149A3F7760F",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:ruggedcom_rm1224_lte\\(4g\\)_eu:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03D8CF59-D9D4-4C50-A6E6-D6B5BDB31AEC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:ruggedcom_rm1224_lte\\(4g\\)_nam_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6BF2D6E7-45CD-4303-B9A9-A576BC2F1B6F",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:ruggedcom_rm1224_lte\\(4g\\)_nam:-:*:*:*:*:*:*:*",
"matchCriteriaId": "400ACE99-AF15-4C20-9A6D-F8584DA5C7CE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m804pb_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "077F8316-E68A-4787-88EF-8016D8F06F00",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m804pb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6EBA42A-93FF-4883-8626-EF78D38374D3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m812-1_\\(annex_a\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "780808FF-1144-4AEE-9E72-DE5B19870E2F",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m812-1_\\(annex_a\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "B680E815-D9EF-41BC-A198-85332738B1B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m812-1_\\(annex_b\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C3148BA6-091B-4203-B12E-2FFCEA1DB22D",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m812-1_\\(annex_b\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "0895418F-A4C6-40D3-8544-5AF3F5B54709",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m816-1_\\(annex_a\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0BCD7E43-4CF9-4937-8A62-4B42FE03584F",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m816-1_\\(annex_a\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A1636E7-BF41-4BF6-8609-9675956FB947",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m816-1_\\(annex_b\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A2594F8F-9DEF-4FC4-9068-B5A29C4DBA92",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m816-1_\\(annex_b\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "06E70F60-33E2-472F-9B25-FE19B964220B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m826-2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EDF99EF5-12B4-45EE-9BC3-59E9F744376B",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m826-2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60458734-FF87-48E9-9B63-5AB9EA5ED0E5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m874-2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1DD142E4-6F7F-4751-93B6-C3508A0828DA",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m874-2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C933ED27-2206-4734-8EB8-6A6431D1FBF1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m874-3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1B7D6063-EB3D-4150-9B89-D62C38E65787",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m874-3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3258DC7-0461-4C65-8292-85C9965EA83D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m874-3_\\(cn\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F8D5BDB5-AE39-472C-9A76-243DC01C97F8",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m874-3_\\(cn\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "71B11BE1-57EB-43AB-8F7A-AFE5BA28D34A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m876-3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BFE41F12-80FC-46CE-BBFA-E11695C56E30",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m876-3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BD221BA9-3448-49E4-B3A3-D88B939785AC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m876-3_\\(rok\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D5A8F79E-C849-4D3B-9103-8068DD84DAEC",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m876-3_\\(rok\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "A3FA80AA-4869-46BF-8A1B-17C54219338C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m876-4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FA02FE0C-5813-4994-9887-BE0AB1344FEB",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m876-4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "94E4CCE9-71F7-4960-B7DE-5298EFB7C619",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m876-4_\\(eu\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B43540C5-9208-42C9-BDB6-2D6C0EB665C7",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m876-4_\\(eu\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "3886E130-C39C-43D2-8B1F-F773874F8002",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m876-4_\\(nam\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EC56B2F3-EEF5-4891-92EE-917F6EA685E7",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m876-4_\\(nam\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "CDBED616-1074-44CE-98C8-48A5387A5DAF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_mum853-1_\\(a1\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BD477A4C-4C41-4068-872C-2D633E2DB5C9",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_mum853-1_\\(a1\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC884995-EA34-4EFA-8B3A-5C7B9BC71C32",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_mum853-1_\\(b1\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "01EEE560-AC67-47FE-8B30-F699CAF951FF",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_mum853-1_\\(b1\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "A94E232B-12ED-4E9D-A6D7-C66391C48F06",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_mum853-1_\\(eu\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5C0D7706-40DC-4598-B24C-9BD7B20B31F4",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_mum853-1_\\(eu\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "94AF78F7-3DF5-40FA-A496-4523183DB792",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_mum856-1_\\(a1\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6D13A44E-DE1F-4BE3-AD0B-FCF4E8DAA9E7",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_mum856-1_\\(a1\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "FF849848-87EA-41D5-8E19-871A306D332A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_mum856-1_\\(b1\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C56063A9-5A2A-4F19-AAAC-A40A01D0D69F",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_mum856-1_\\(b1\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "77E5245F-8AA7-4132-AA7F-1FE4F86B703E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_mum856-1_\\(cn\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "27486547-EDF2-45C2-84FF-7B74D75304F6",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_mum856-1_\\(cn\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B05B62B-1B41-4A3D-8591-57B4D0EF476F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_mum856-1_\\(eu\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "124DE318-3EFE-4FDA-8306-462BB936F892",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_mum856-1_\\(eu\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "A219D2B9-1D71-4831-BD0B-790B7057344C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_mum856-1_\\(row\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "973C1E5B-8A98-4345-8BE3-A4B7B39EEF4F",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_mum856-1_\\(row\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D6FED00-E40C-458A-8D5C-9B1826DBAE24",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_s615_eec_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7246F2E8-0A0E-4020-B806-421DB0B91C0B",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_s615_eec:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AA5D94EA-C407-446F-B98F-F647ACBBA010",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_s615_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F16CD316-4D89-45B7-83C1-138236898C0A",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_s615:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E917CBBB-EF41-4113-B0CA-EB91889235E7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions \u003c V8.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions \u003c V8.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions \u003c V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions \u003c V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions \u003c V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions \u003c V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions \u003c V8.2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions \u003c V8.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions \u003c V8.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions \u003c V8.2), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions \u003c V8.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions \u003c V8.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions \u003c V8.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions \u003c V8.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions \u003c V8.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions \u003c V8.2), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions \u003c V8.2), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions \u003c V8.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions \u003c V8.2), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions \u003c V8.2), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions \u003c V8.2). Affected devices improperly manage access control for read-only users. This could allow an attacker to cause a temporary denial of service condition."
},
{
"lang": "es",
"value": "Se ha identificado una vulnerabilidad en RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (Todas las versiones \u0026lt; V8.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (Todas las versiones \u0026lt; V8.2), Enrutador ADSL SCALANCE M816-1 (6GK5816-1BA00-2AA2) (Todas las versiones \u0026lt; V8.2), Enrutador SHDSL SCALANCE M826-2 (6GK5826-2AB00-2AB2) (Todas las versiones \u0026lt; V8.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (Todas las versiones \u0026lt; V8.2), Enrutador 3G SCALANCE M874-3 (CN) (6GK5874-3AA00-2FA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (Todas las versiones \u0026lt; V8.2), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (Todas las versiones \u0026lt; V8.2), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (Todas las versiones \u0026lt; V8.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (Todas las versiones \u0026lt; V8.2), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (Todas las versiones \u0026lt; V8.2), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (Todas las versiones \u0026lt; V8.2), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (Todas las versiones \u0026lt; V8.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (Todas las versiones \u0026lt; V8.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (Todas las versiones \u0026lt; V8.2), SCALANCE Enrutador LAN S615 EEC (6GK5615-0AA01-2AA2) (todas las versiones anteriores a la V8.2), enrutador LAN SCALANCE S615 (6GK5615-0AA00-2AA2) (todas las versiones anteriores a la V8.2). Los dispositivos afectados administran incorrectamente el control de acceso para usuarios de solo lectura. Esto podr\u00eda permitir que un atacante provoque una condici\u00f3n de denegaci\u00f3n de servicio temporal."
}
],
"id": "CVE-2024-50558",
"lastModified": "2024-11-13T19:55:25.200",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "productcert@siemens.com",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"automatable": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityRequirements": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"subsequentSystemAvailability": "NONE",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"vulnerableSystemAvailability": "LOW",
"vulnerableSystemConfidentiality": "NONE",
"vulnerableSystemIntegrity": "NONE"
},
"source": "productcert@siemens.com",
"type": "Secondary"
}
]
},
"published": "2024-11-12T13:15:12.403",
"references": [
{
"source": "productcert@siemens.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-354112.html"
}
],
"sourceIdentifier": "productcert@siemens.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "productcert@siemens.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-11-12 13:15
Modified
2024-11-13 19:54
Severity ?
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions < V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions < V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions < V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions < V8.2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V8.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V8.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V8.2), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions < V8.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V8.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V8.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V8.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V8.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V8.2), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions < V8.2), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions < V8.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V8.2), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions < V8.2), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions < V8.2), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions < V8.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V8.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V8.2), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V8.2), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V8.2). Affected devices do not properly validate input in configuration fields of the iperf functionality. This could allow an unauthenticated remote attacker to execute arbitrary code on the device.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/html/ssa-354112.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | ruggedcom_rm1224_lte\(4g\)_eu_firmware | * | |
| siemens | ruggedcom_rm1224_lte\(4g\)_eu | - | |
| siemens | ruggedcom_rm1224_lte\(4g\)_nam_firmware | * | |
| siemens | ruggedcom_rm1224_lte\(4g\)_nam | - | |
| siemens | scalance_m804pb_firmware | * | |
| siemens | scalance_m804pb | - | |
| siemens | scalance_m812-1_\(annex_a\)_firmware | * | |
| siemens | scalance_m812-1_\(annex_a\) | - | |
| siemens | scalance_m812-1_\(annex_b\)_firmware | * | |
| siemens | scalance_m812-1_\(annex_b\) | - | |
| siemens | scalance_m816-1_\(annex_a\)_firmware | * | |
| siemens | scalance_m816-1_\(annex_a\) | - | |
| siemens | scalance_m816-1_\(annex_b\)_firmware | * | |
| siemens | scalance_m816-1_\(annex_b\) | - | |
| siemens | scalance_m826-2_firmware | * | |
| siemens | scalance_m826-2 | - | |
| siemens | scalance_m874-2_firmware | * | |
| siemens | scalance_m874-2 | - | |
| siemens | scalance_m874-3_firmware | * | |
| siemens | scalance_m874-3 | - | |
| siemens | scalance_m874-3_\(cn\)_firmware | * | |
| siemens | scalance_m874-3_\(cn\) | - | |
| siemens | scalance_m876-3_firmware | * | |
| siemens | scalance_m876-3 | - | |
| siemens | scalance_m876-3_\(rok\)_firmware | * | |
| siemens | scalance_m876-3_\(rok\) | - | |
| siemens | scalance_m876-4_firmware | * | |
| siemens | scalance_m876-4 | - | |
| siemens | scalance_m876-4_\(eu\)_firmware | * | |
| siemens | scalance_m876-4_\(eu\) | - | |
| siemens | scalance_m876-4_\(nam\)_firmware | * | |
| siemens | scalance_m876-4_\(nam\) | - | |
| siemens | scalance_mum853-1_\(a1\)_firmware | * | |
| siemens | scalance_mum853-1_\(a1\) | - | |
| siemens | scalance_mum853-1_\(b1\)_firmware | * | |
| siemens | scalance_mum853-1_\(b1\) | - | |
| siemens | scalance_mum853-1_\(eu\)_firmware | * | |
| siemens | scalance_mum853-1_\(eu\) | - | |
| siemens | scalance_mum856-1_\(a1\)_firmware | * | |
| siemens | scalance_mum856-1_\(a1\) | - | |
| siemens | scalance_mum856-1_\(b1\)_firmware | * | |
| siemens | scalance_mum856-1_\(b1\) | - | |
| siemens | scalance_mum856-1_\(cn\)_firmware | * | |
| siemens | scalance_mum856-1_\(cn\) | - | |
| siemens | scalance_mum856-1_\(eu\)_firmware | * | |
| siemens | scalance_mum856-1_\(eu\) | - | |
| siemens | scalance_mum856-1_\(row\)_firmware | * | |
| siemens | scalance_mum856-1_\(row\) | - | |
| siemens | scalance_s615_eec_firmware | * | |
| siemens | scalance_s615_eec | - | |
| siemens | scalance_s615_firmware | * | |
| siemens | scalance_s615 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:ruggedcom_rm1224_lte\\(4g\\)_eu_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4F7981A8-C60A-45EE-92E5-8149A3F7760F",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:ruggedcom_rm1224_lte\\(4g\\)_eu:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03D8CF59-D9D4-4C50-A6E6-D6B5BDB31AEC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:ruggedcom_rm1224_lte\\(4g\\)_nam_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6BF2D6E7-45CD-4303-B9A9-A576BC2F1B6F",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:ruggedcom_rm1224_lte\\(4g\\)_nam:-:*:*:*:*:*:*:*",
"matchCriteriaId": "400ACE99-AF15-4C20-9A6D-F8584DA5C7CE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m804pb_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "077F8316-E68A-4787-88EF-8016D8F06F00",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m804pb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6EBA42A-93FF-4883-8626-EF78D38374D3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m812-1_\\(annex_a\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "780808FF-1144-4AEE-9E72-DE5B19870E2F",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m812-1_\\(annex_a\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "B680E815-D9EF-41BC-A198-85332738B1B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m812-1_\\(annex_b\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C3148BA6-091B-4203-B12E-2FFCEA1DB22D",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m812-1_\\(annex_b\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "0895418F-A4C6-40D3-8544-5AF3F5B54709",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m816-1_\\(annex_a\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0BCD7E43-4CF9-4937-8A62-4B42FE03584F",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m816-1_\\(annex_a\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A1636E7-BF41-4BF6-8609-9675956FB947",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m816-1_\\(annex_b\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A2594F8F-9DEF-4FC4-9068-B5A29C4DBA92",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m816-1_\\(annex_b\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "06E70F60-33E2-472F-9B25-FE19B964220B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m826-2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EDF99EF5-12B4-45EE-9BC3-59E9F744376B",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m826-2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60458734-FF87-48E9-9B63-5AB9EA5ED0E5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m874-2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1DD142E4-6F7F-4751-93B6-C3508A0828DA",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m874-2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C933ED27-2206-4734-8EB8-6A6431D1FBF1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m874-3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1B7D6063-EB3D-4150-9B89-D62C38E65787",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m874-3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3258DC7-0461-4C65-8292-85C9965EA83D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m874-3_\\(cn\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F8D5BDB5-AE39-472C-9A76-243DC01C97F8",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m874-3_\\(cn\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "71B11BE1-57EB-43AB-8F7A-AFE5BA28D34A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m876-3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BFE41F12-80FC-46CE-BBFA-E11695C56E30",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m876-3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BD221BA9-3448-49E4-B3A3-D88B939785AC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m876-3_\\(rok\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D5A8F79E-C849-4D3B-9103-8068DD84DAEC",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m876-3_\\(rok\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "A3FA80AA-4869-46BF-8A1B-17C54219338C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m876-4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FA02FE0C-5813-4994-9887-BE0AB1344FEB",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m876-4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "94E4CCE9-71F7-4960-B7DE-5298EFB7C619",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m876-4_\\(eu\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B43540C5-9208-42C9-BDB6-2D6C0EB665C7",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m876-4_\\(eu\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "3886E130-C39C-43D2-8B1F-F773874F8002",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m876-4_\\(nam\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EC56B2F3-EEF5-4891-92EE-917F6EA685E7",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m876-4_\\(nam\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "CDBED616-1074-44CE-98C8-48A5387A5DAF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_mum853-1_\\(a1\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BD477A4C-4C41-4068-872C-2D633E2DB5C9",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_mum853-1_\\(a1\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC884995-EA34-4EFA-8B3A-5C7B9BC71C32",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_mum853-1_\\(b1\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "01EEE560-AC67-47FE-8B30-F699CAF951FF",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_mum853-1_\\(b1\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "A94E232B-12ED-4E9D-A6D7-C66391C48F06",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_mum853-1_\\(eu\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5C0D7706-40DC-4598-B24C-9BD7B20B31F4",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_mum853-1_\\(eu\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "94AF78F7-3DF5-40FA-A496-4523183DB792",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_mum856-1_\\(a1\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6D13A44E-DE1F-4BE3-AD0B-FCF4E8DAA9E7",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_mum856-1_\\(a1\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "FF849848-87EA-41D5-8E19-871A306D332A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_mum856-1_\\(b1\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C56063A9-5A2A-4F19-AAAC-A40A01D0D69F",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_mum856-1_\\(b1\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "77E5245F-8AA7-4132-AA7F-1FE4F86B703E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_mum856-1_\\(cn\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "27486547-EDF2-45C2-84FF-7B74D75304F6",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_mum856-1_\\(cn\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B05B62B-1B41-4A3D-8591-57B4D0EF476F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_mum856-1_\\(eu\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "124DE318-3EFE-4FDA-8306-462BB936F892",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_mum856-1_\\(eu\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "A219D2B9-1D71-4831-BD0B-790B7057344C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_mum856-1_\\(row\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "973C1E5B-8A98-4345-8BE3-A4B7B39EEF4F",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_mum856-1_\\(row\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D6FED00-E40C-458A-8D5C-9B1826DBAE24",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_s615_eec_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7246F2E8-0A0E-4020-B806-421DB0B91C0B",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_s615_eec:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AA5D94EA-C407-446F-B98F-F647ACBBA010",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_s615_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F16CD316-4D89-45B7-83C1-138236898C0A",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_s615:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E917CBBB-EF41-4113-B0CA-EB91889235E7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions \u003c V8.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions \u003c V8.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions \u003c V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions \u003c V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions \u003c V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions \u003c V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions \u003c V8.2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions \u003c V8.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions \u003c V8.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions \u003c V8.2), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions \u003c V8.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions \u003c V8.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions \u003c V8.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions \u003c V8.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions \u003c V8.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions \u003c V8.2), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions \u003c V8.2), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions \u003c V8.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions \u003c V8.2), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions \u003c V8.2), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions \u003c V8.2). Affected devices do not properly validate input in configuration fields of the iperf functionality. This could allow an unauthenticated remote attacker to execute arbitrary code on the device."
},
{
"lang": "es",
"value": "Se ha identificado una vulnerabilidad en RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (Todas las versiones \u0026lt; V8.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (Todas las versiones \u0026lt; V8.2), Enrutador ADSL SCALANCE M816-1 (6GK5816-1BA00-2AA2) (Todas las versiones \u0026lt; V8.2), Enrutador SHDSL SCALANCE M826-2 (6GK5826-2AB00-2AB2) (Todas las versiones \u0026lt; V8.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (Todas las versiones \u0026lt; V8.2), Enrutador 3G SCALANCE M874-3 (CN) (6GK5874-3AA00-2FA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (Todas las versiones \u0026lt; V8.2), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (Todas las versiones \u0026lt; V8.2), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (Todas las versiones \u0026lt; V8.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (Todas las versiones \u0026lt; V8.2), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (Todas las versiones \u0026lt; V8.2), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (Todas las versiones \u0026lt; V8.2), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (Todas las versiones \u0026lt; V8.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (Todas las versiones \u0026lt; V8.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (Todas las versiones \u0026lt; V8.2), SCALANCE Enrutador LAN S615 EEC (6GK5615-0AA01-2AA2) (todas las versiones anteriores a V8.2), enrutador LAN SCALANCE S615 (6GK5615-0AA00-2AA2) (todas las versiones anteriores a V8.2). Los dispositivos afectados no validan correctamente la entrada en los campos de configuraci\u00f3n de la funcionalidad iperf. Esto podr\u00eda permitir que un atacante remoto no autenticado ejecute c\u00f3digo arbitrario en el dispositivo."
}
],
"id": "CVE-2024-50557",
"lastModified": "2024-11-13T19:54:52.490",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "productcert@siemens.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"automatable": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityRequirements": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"subsequentSystemAvailability": "NONE",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"vulnerableSystemAvailability": "HIGH",
"vulnerableSystemConfidentiality": "HIGH",
"vulnerableSystemIntegrity": "HIGH"
},
"source": "productcert@siemens.com",
"type": "Secondary"
}
]
},
"published": "2024-11-12T13:15:12.157",
"references": [
{
"source": "productcert@siemens.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-354112.html"
}
],
"sourceIdentifier": "productcert@siemens.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "productcert@siemens.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-11-12 13:15
Modified
2024-11-13 19:57
Severity ?
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions < V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions < V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions < V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions < V8.2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V8.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V8.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V8.2), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions < V8.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V8.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V8.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V8.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V8.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V8.2), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions < V8.2), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions < V8.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V8.2), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions < V8.2), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions < V8.2), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions < V8.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V8.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V8.2), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V8.2), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V8.2). Affected devices do not properly sanitize the filenames before uploading. This could allow an authenticated remote attacker to compromise of integrity of the system.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/html/ssa-354112.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | ruggedcom_rm1224_lte\(4g\)_eu_firmware | * | |
| siemens | ruggedcom_rm1224_lte\(4g\)_eu | - | |
| siemens | ruggedcom_rm1224_lte\(4g\)_nam_firmware | * | |
| siemens | ruggedcom_rm1224_lte\(4g\)_nam | - | |
| siemens | scalance_m804pb_firmware | * | |
| siemens | scalance_m804pb | - | |
| siemens | scalance_m812-1_\(annex_a\)_firmware | * | |
| siemens | scalance_m812-1_\(annex_a\) | - | |
| siemens | scalance_m812-1_\(annex_b\)_firmware | * | |
| siemens | scalance_m812-1_\(annex_b\) | - | |
| siemens | scalance_m816-1_\(annex_a\)_firmware | * | |
| siemens | scalance_m816-1_\(annex_a\) | - | |
| siemens | scalance_m816-1_\(annex_b\)_firmware | * | |
| siemens | scalance_m816-1_\(annex_b\) | - | |
| siemens | scalance_m826-2_firmware | * | |
| siemens | scalance_m826-2 | - | |
| siemens | scalance_m874-2_firmware | * | |
| siemens | scalance_m874-2 | - | |
| siemens | scalance_m874-3_firmware | * | |
| siemens | scalance_m874-3 | - | |
| siemens | scalance_m874-3_\(cn\)_firmware | * | |
| siemens | scalance_m874-3_\(cn\) | - | |
| siemens | scalance_m876-3_firmware | * | |
| siemens | scalance_m876-3 | - | |
| siemens | scalance_m876-3_\(rok\)_firmware | * | |
| siemens | scalance_m876-3_\(rok\) | - | |
| siemens | scalance_m876-4_firmware | * | |
| siemens | scalance_m876-4 | - | |
| siemens | scalance_m876-4_\(eu\)_firmware | * | |
| siemens | scalance_m876-4_\(eu\) | - | |
| siemens | scalance_m876-4_\(nam\)_firmware | * | |
| siemens | scalance_m876-4_\(nam\) | - | |
| siemens | scalance_mum853-1_\(a1\)_firmware | * | |
| siemens | scalance_mum853-1_\(a1\) | - | |
| siemens | scalance_mum853-1_\(b1\)_firmware | * | |
| siemens | scalance_mum853-1_\(b1\) | - | |
| siemens | scalance_mum853-1_\(eu\)_firmware | * | |
| siemens | scalance_mum853-1_\(eu\) | - | |
| siemens | scalance_mum856-1_\(a1\)_firmware | * | |
| siemens | scalance_mum856-1_\(a1\) | - | |
| siemens | scalance_mum856-1_\(b1\)_firmware | * | |
| siemens | scalance_mum856-1_\(b1\) | - | |
| siemens | scalance_mum856-1_\(cn\)_firmware | * | |
| siemens | scalance_mum856-1_\(cn\) | - | |
| siemens | scalance_mum856-1_\(eu\)_firmware | * | |
| siemens | scalance_mum856-1_\(eu\) | - | |
| siemens | scalance_mum856-1_\(row\)_firmware | * | |
| siemens | scalance_mum856-1_\(row\) | - | |
| siemens | scalance_s615_eec_firmware | * | |
| siemens | scalance_s615_eec | - | |
| siemens | scalance_s615_firmware | * | |
| siemens | scalance_s615 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:ruggedcom_rm1224_lte\\(4g\\)_eu_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4F7981A8-C60A-45EE-92E5-8149A3F7760F",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:ruggedcom_rm1224_lte\\(4g\\)_eu:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03D8CF59-D9D4-4C50-A6E6-D6B5BDB31AEC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:ruggedcom_rm1224_lte\\(4g\\)_nam_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6BF2D6E7-45CD-4303-B9A9-A576BC2F1B6F",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:ruggedcom_rm1224_lte\\(4g\\)_nam:-:*:*:*:*:*:*:*",
"matchCriteriaId": "400ACE99-AF15-4C20-9A6D-F8584DA5C7CE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m804pb_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "077F8316-E68A-4787-88EF-8016D8F06F00",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m804pb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6EBA42A-93FF-4883-8626-EF78D38374D3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m812-1_\\(annex_a\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "780808FF-1144-4AEE-9E72-DE5B19870E2F",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m812-1_\\(annex_a\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "B680E815-D9EF-41BC-A198-85332738B1B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m812-1_\\(annex_b\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C3148BA6-091B-4203-B12E-2FFCEA1DB22D",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m812-1_\\(annex_b\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "0895418F-A4C6-40D3-8544-5AF3F5B54709",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m816-1_\\(annex_a\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0BCD7E43-4CF9-4937-8A62-4B42FE03584F",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m816-1_\\(annex_a\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A1636E7-BF41-4BF6-8609-9675956FB947",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m816-1_\\(annex_b\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A2594F8F-9DEF-4FC4-9068-B5A29C4DBA92",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m816-1_\\(annex_b\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "06E70F60-33E2-472F-9B25-FE19B964220B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m826-2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EDF99EF5-12B4-45EE-9BC3-59E9F744376B",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m826-2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60458734-FF87-48E9-9B63-5AB9EA5ED0E5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m874-2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1DD142E4-6F7F-4751-93B6-C3508A0828DA",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m874-2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C933ED27-2206-4734-8EB8-6A6431D1FBF1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m874-3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1B7D6063-EB3D-4150-9B89-D62C38E65787",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m874-3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3258DC7-0461-4C65-8292-85C9965EA83D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m874-3_\\(cn\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F8D5BDB5-AE39-472C-9A76-243DC01C97F8",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m874-3_\\(cn\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "71B11BE1-57EB-43AB-8F7A-AFE5BA28D34A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m876-3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BFE41F12-80FC-46CE-BBFA-E11695C56E30",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m876-3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BD221BA9-3448-49E4-B3A3-D88B939785AC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m876-3_\\(rok\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D5A8F79E-C849-4D3B-9103-8068DD84DAEC",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m876-3_\\(rok\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "A3FA80AA-4869-46BF-8A1B-17C54219338C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m876-4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FA02FE0C-5813-4994-9887-BE0AB1344FEB",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m876-4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "94E4CCE9-71F7-4960-B7DE-5298EFB7C619",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m876-4_\\(eu\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B43540C5-9208-42C9-BDB6-2D6C0EB665C7",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m876-4_\\(eu\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "3886E130-C39C-43D2-8B1F-F773874F8002",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m876-4_\\(nam\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EC56B2F3-EEF5-4891-92EE-917F6EA685E7",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m876-4_\\(nam\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "CDBED616-1074-44CE-98C8-48A5387A5DAF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_mum853-1_\\(a1\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BD477A4C-4C41-4068-872C-2D633E2DB5C9",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_mum853-1_\\(a1\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC884995-EA34-4EFA-8B3A-5C7B9BC71C32",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_mum853-1_\\(b1\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "01EEE560-AC67-47FE-8B30-F699CAF951FF",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_mum853-1_\\(b1\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "A94E232B-12ED-4E9D-A6D7-C66391C48F06",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_mum853-1_\\(eu\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5C0D7706-40DC-4598-B24C-9BD7B20B31F4",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_mum853-1_\\(eu\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "94AF78F7-3DF5-40FA-A496-4523183DB792",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_mum856-1_\\(a1\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6D13A44E-DE1F-4BE3-AD0B-FCF4E8DAA9E7",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_mum856-1_\\(a1\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "FF849848-87EA-41D5-8E19-871A306D332A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_mum856-1_\\(b1\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C56063A9-5A2A-4F19-AAAC-A40A01D0D69F",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_mum856-1_\\(b1\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "77E5245F-8AA7-4132-AA7F-1FE4F86B703E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_mum856-1_\\(cn\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "27486547-EDF2-45C2-84FF-7B74D75304F6",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_mum856-1_\\(cn\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B05B62B-1B41-4A3D-8591-57B4D0EF476F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_mum856-1_\\(eu\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "124DE318-3EFE-4FDA-8306-462BB936F892",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_mum856-1_\\(eu\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "A219D2B9-1D71-4831-BD0B-790B7057344C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_mum856-1_\\(row\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "973C1E5B-8A98-4345-8BE3-A4B7B39EEF4F",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_mum856-1_\\(row\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D6FED00-E40C-458A-8D5C-9B1826DBAE24",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_s615_eec_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7246F2E8-0A0E-4020-B806-421DB0B91C0B",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_s615_eec:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AA5D94EA-C407-446F-B98F-F647ACBBA010",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_s615_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F16CD316-4D89-45B7-83C1-138236898C0A",
"versionEndExcluding": "8.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_s615:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E917CBBB-EF41-4113-B0CA-EB91889235E7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions \u003c V8.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions \u003c V8.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions \u003c V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions \u003c V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions \u003c V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions \u003c V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions \u003c V8.2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions \u003c V8.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions \u003c V8.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions \u003c V8.2), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions \u003c V8.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions \u003c V8.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions \u003c V8.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions \u003c V8.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions \u003c V8.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions \u003c V8.2), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions \u003c V8.2), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions \u003c V8.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions \u003c V8.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions \u003c V8.2), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions \u003c V8.2), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions \u003c V8.2). Affected devices do not properly sanitize the filenames before uploading. This could allow an authenticated remote attacker to compromise of integrity of the system."
},
{
"lang": "es",
"value": "Se ha identificado una vulnerabilidad en RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (Todas las versiones \u0026lt; V8.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (Todas las versiones \u0026lt; V8.2), Enrutador ADSL SCALANCE M816-1 (6GK5816-1BA00-2AA2) (Todas las versiones \u0026lt; V8.2), Enrutador SHDSL SCALANCE M826-2 (6GK5826-2AB00-2AB2) (Todas las versiones \u0026lt; V8.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (Todas las versiones \u0026lt; V8.2), Enrutador 3G SCALANCE M874-3 (CN) (6GK5874-3AA00-2FA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (Todas las versiones \u0026lt; V8.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (Todas las versiones \u0026lt; V8.2), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (Todas las versiones \u0026lt; V8.2), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (Todas las versiones \u0026lt; V8.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (Todas las versiones \u0026lt; V8.2), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (Todas las versiones \u0026lt; V8.2), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (Todas las versiones \u0026lt; V8.2), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (Todas las versiones \u0026lt; V8.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (Todas las versiones \u0026lt; V8.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (Todas las versiones \u0026lt; V8.2), SCALANCE Enrutador LAN S615 EEC (6GK5615-0AA01-2AA2) (todas las versiones anteriores a la V8.2), enrutador LAN SCALANCE S615 (6GK5615-0AA00-2AA2) (todas las versiones anteriores a la V8.2). Los dispositivos afectados no desinfectan correctamente los nombres de archivo antes de cargarlos. Esto podr\u00eda permitir que un atacante remoto autenticado comprometa la integridad del sistema."
}
],
"id": "CVE-2024-50561",
"lastModified": "2024-11-13T19:57:56.313",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "productcert@siemens.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"automatable": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityRequirements": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"subsequentSystemAvailability": "NONE",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"vulnerableSystemAvailability": "NONE",
"vulnerableSystemConfidentiality": "NONE",
"vulnerableSystemIntegrity": "LOW"
},
"source": "productcert@siemens.com",
"type": "Secondary"
}
]
},
"published": "2024-11-12T13:15:13.260",
"references": [
{
"source": "productcert@siemens.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-354112.html"
}
],
"sourceIdentifier": "productcert@siemens.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "productcert@siemens.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-08-13 08:15
Modified
2024-08-23 18:34
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Summary
A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.1), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.1), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V8.1), SCALANCE M812-1 ADSL-Router family (All versions < V8.1), SCALANCE M816-1 ADSL-Router family (All versions < V8.1), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V8.1), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V8.1), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V8.1), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions < V8.1), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V8.1), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V8.1), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V8.1), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V8.1), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V8.1), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions < V8.1), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions < V8.1), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V8.1), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions < V8.1), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions < V8.1), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions < V8.1), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V8.1), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V8.1), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V8.1), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V8.1). Affected devices insert sensitive information about the generation of 2FA tokens into log files. This could allow an authenticated remote attacker to forge 2FA tokens of other users.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| productcert@siemens.com | https://cert-portal.siemens.com/productcert/html/ssa-087301.html | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| siemens | ruggedcom_rm1224_lte\(4g\)_eu_firmware | * | |
| siemens | ruggedcom_rm1224_lte\(4g\)_eu | - | |
| siemens | ruggedcom_rm1224_lte\(4g\)_nam_firmware | * | |
| siemens | ruggedcom_rm1224_lte\(4g\)_nam | - | |
| siemens | scalance_m804pb_firmware | * | |
| siemens | scalance_m804pb | - | |
| siemens | scalance_m826-2_shdsl-router_firmware | * | |
| siemens | scalance_m826-2_shdsl-router | - | |
| siemens | scalance_m874-2_firmware | * | |
| siemens | scalance_m874-2 | - | |
| siemens | scalance_m874-3_firmware | * | |
| siemens | scalance_m874-3 | - | |
| siemens | scalance_m876-3_firmware | * | |
| siemens | scalance_m876-3 | - | |
| siemens | scalance_m876-4_firmware | * | |
| siemens | scalance_m876-4 | - | |
| siemens | scalance_m874-3_3g-router_\(cn\)_firmware | * | |
| siemens | scalance_m874-3_3g-router_\(cn\) | - | |
| siemens | scalance_m876-3_\(rok\)_firmware | * | |
| siemens | scalance_m876-3_\(rok\) | - | |
| siemens | scalance_m876-4_\(eu\)_firmware | * | |
| siemens | scalance_m876-4_\(eu\) | - | |
| siemens | scalance_m876-4_\(nam\)_firmware | * | |
| siemens | scalance_m876-4_\(nam\) | - | |
| siemens | scalance_mum853-1_\(a1\)_firmware | * | |
| siemens | scalance_mum853-1_\(a1\) | - | |
| siemens | scalance_mum853-1_\(b1\)_firmware | * | |
| siemens | scalance_mum853-1_\(b1\) | - | |
| siemens | scalance_mum853-1_\(eu\)_firmware | * | |
| siemens | scalance_mum853-1_\(eu\) | - | |
| siemens | scalance_mum856-1_\(a1\)_firmware | * | |
| siemens | scalance_mum856-1_\(a1\) | - | |
| siemens | scalance_mum856-1_\(b1\)_firmware | * | |
| siemens | scalance_mum856-1_\(b1\) | - | |
| siemens | scalance_mum856-1_\(cn\)_firmware | * | |
| siemens | scalance_mum856-1_\(cn\) | - | |
| siemens | scalance_mum856-1_\(eu\)_firmware | * | |
| siemens | scalance_mum856-1_\(eu\) | - | |
| siemens | scalance_mum856-1_\(row\)_firmware | * | |
| siemens | scalance_mum856-1_\(row\) | - | |
| siemens | scalance_s615_eec_lan-router_firmware | * | |
| siemens | scalance_s615_eec_lan-router | - | |
| siemens | scalance_s615_lan-router_firmware | * | |
| siemens | scalance_s615_lan-router | - | |
| siemens | scalance_m812-1_\(annex_a\)_firmware | * | |
| siemens | scalance_m812-1_\(annex_a\) | - | |
| siemens | scalance_m812-1_\(annex_b\)_firmware | * | |
| siemens | scalance_m812-1_\(annex_b\) | - | |
| siemens | scalance_m816-1_\(annex_a\)_firmware | * | |
| siemens | scalance_m816-1_\(annex_a\) | - | |
| siemens | scalance_m816-1_\(annex_b\)_firmware | * | |
| siemens | scalance_m816-1_\(annex_b\) | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:ruggedcom_rm1224_lte\\(4g\\)_eu_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "328FA23D-AEEF-473A-997A-FBBE18246CB5",
"versionEndExcluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:ruggedcom_rm1224_lte\\(4g\\)_eu:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03D8CF59-D9D4-4C50-A6E6-D6B5BDB31AEC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:ruggedcom_rm1224_lte\\(4g\\)_nam_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "25FB249D-A143-457F-93C7-653DD76DEDF0",
"versionEndExcluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:ruggedcom_rm1224_lte\\(4g\\)_nam:-:*:*:*:*:*:*:*",
"matchCriteriaId": "400ACE99-AF15-4C20-9A6D-F8584DA5C7CE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m804pb_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "99CB7E58-2C7C-4569-9A5D-5BED18BF48D0",
"versionEndExcluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m804pb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6EBA42A-93FF-4883-8626-EF78D38374D3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m826-2_shdsl-router_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5BB2FE5E-C43B-4F13-A8A6-908E8AFC76B0",
"versionEndExcluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m826-2_shdsl-router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39951670-CF88-460C-B1D5-6DCFBC7F573D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m874-2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "29588219-DB22-4FFB-B069-DB8DF242052F",
"versionEndExcluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m874-2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C933ED27-2206-4734-8EB8-6A6431D1FBF1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m874-3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "71A50E33-00A9-40E2-93E1-359FDD3CF077",
"versionEndExcluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m874-3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3258DC7-0461-4C65-8292-85C9965EA83D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m876-3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5922A34F-A6A8-4215-83C5-9F7F279AC2CC",
"versionEndExcluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m876-3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BD221BA9-3448-49E4-B3A3-D88B939785AC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m876-4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CD7ABD5D-1250-441E-A768-5012DD3636CF",
"versionEndExcluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m876-4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "94E4CCE9-71F7-4960-B7DE-5298EFB7C619",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m874-3_3g-router_\\(cn\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3698100C-C634-48D2-B6EB-210C6784FF5D",
"versionEndExcluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m874-3_3g-router_\\(cn\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "FEA94E3C-6B00-407F-81BF-964D156E061F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m876-3_\\(rok\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "112CA300-C5BF-49D4-88C9-BFE9ADF49FAB",
"versionEndExcluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m876-3_\\(rok\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "A3FA80AA-4869-46BF-8A1B-17C54219338C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m876-4_\\(eu\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C96A6B66-687B-4B36-AA1D-14232BA034C0",
"versionEndExcluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m876-4_\\(eu\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "3886E130-C39C-43D2-8B1F-F773874F8002",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m876-4_\\(nam\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9F0F630F-540D-4BBC-BFEA-43642783B41A",
"versionEndExcluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m876-4_\\(nam\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "CDBED616-1074-44CE-98C8-48A5387A5DAF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_mum853-1_\\(a1\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2113F152-E2F7-4F38-9D41-2BBB4A9FE02B",
"versionEndExcluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_mum853-1_\\(a1\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC884995-EA34-4EFA-8B3A-5C7B9BC71C32",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_mum853-1_\\(b1\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C25F8111-2124-4610-A184-FF75022341E3",
"versionEndExcluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_mum853-1_\\(b1\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "A94E232B-12ED-4E9D-A6D7-C66391C48F06",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_mum853-1_\\(eu\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DA690767-51B8-4202-BF9E-96DE81DF3326",
"versionEndExcluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_mum853-1_\\(eu\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "94AF78F7-3DF5-40FA-A496-4523183DB792",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_mum856-1_\\(a1\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B63374D9-358B-4CF0-9E5D-432330612413",
"versionEndExcluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_mum856-1_\\(a1\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "FF849848-87EA-41D5-8E19-871A306D332A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_mum856-1_\\(b1\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "49B17408-D934-46B1-A879-42B310127632",
"versionEndExcluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_mum856-1_\\(b1\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "77E5245F-8AA7-4132-AA7F-1FE4F86B703E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_mum856-1_\\(cn\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8903A0DF-510A-4BDE-96B2-A3C38CB5A07C",
"versionEndExcluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_mum856-1_\\(cn\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B05B62B-1B41-4A3D-8591-57B4D0EF476F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_mum856-1_\\(eu\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A2F56C36-BCFA-4EBB-AF0D-7B90B5180759",
"versionEndExcluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_mum856-1_\\(eu\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "A219D2B9-1D71-4831-BD0B-790B7057344C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_mum856-1_\\(row\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3E8A926E-05D5-4B85-8B54-6B13C815CFCD",
"versionEndExcluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_mum856-1_\\(row\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D6FED00-E40C-458A-8D5C-9B1826DBAE24",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_s615_eec_lan-router_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7A9F5011-6FB8-476B-95C9-B42ECDF9ACF3",
"versionEndExcluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_s615_eec_lan-router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2E8F4C94-781F-4796-83DD-A28E6D347AD8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_s615_lan-router_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AA816C2D-54F1-44A2-B811-151155CD1387",
"versionEndExcluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_s615_lan-router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B98A1E7F-5A9A-4620-8137-7C1D84815917",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m812-1_\\(annex_a\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "40E4DE88-0B4E-40FD-A7BD-FD197A67AFEF",
"versionEndExcluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m812-1_\\(annex_a\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "B680E815-D9EF-41BC-A198-85332738B1B9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m812-1_\\(annex_b\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AE90A25C-D574-4CAF-A2AF-61B27B3B699F",
"versionEndExcluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m812-1_\\(annex_b\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "0895418F-A4C6-40D3-8544-5AF3F5B54709",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m816-1_\\(annex_a\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "62F46C61-BFC9-4A81-8F15-F7878FC6E657",
"versionEndExcluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m816-1_\\(annex_a\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A1636E7-BF41-4BF6-8609-9675956FB947",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:scalance_m816-1_\\(annex_b\\)_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "661F446C-7A54-41F9-8F3C-75DAC5840B9C",
"versionEndExcluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:scalance_m816-1_\\(annex_b\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "06E70F60-33E2-472F-9B25-FE19B964220B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions \u003c V8.1), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions \u003c V8.1), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions \u003c V8.1), SCALANCE M812-1 ADSL-Router family (All versions \u003c V8.1), SCALANCE M816-1 ADSL-Router family (All versions \u003c V8.1), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions \u003c V8.1), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions \u003c V8.1), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions \u003c V8.1), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions \u003c V8.1), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions \u003c V8.1), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions \u003c V8.1), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions \u003c V8.1), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions \u003c V8.1), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions \u003c V8.1), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions \u003c V8.1), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions \u003c V8.1), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions \u003c V8.1), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions \u003c V8.1), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions \u003c V8.1), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions \u003c V8.1), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions \u003c V8.1), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions \u003c V8.1), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions \u003c V8.1), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions \u003c V8.1). Affected devices insert sensitive information about the generation of 2FA tokens into log files. This could allow an authenticated remote attacker to forge 2FA tokens of other users."
},
{
"lang": "es",
"value": "Se ha identificado una vulnerabilidad en RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (Todas las versiones \u0026lt; V8.1), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (Todas las versiones \u0026lt; V8.1 ), SCALANCE M804PB (6GK5804-0AP00-2AA2) (Todas las versiones \u0026lt; V8.1), Familia de enrutadores ADSL SCALANCE M812-1 (Todas las versiones \u0026lt; V8.1), Familia de enrutadores ADSL SCALANCE M816-1 (Todas las versiones \u0026lt; V8 .1), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (todas las versiones \u0026lt; V8.1), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (todas las versiones \u0026lt; V8.1), SCALANCE M874- 3 (6GK5874-3AA00-2AA2) (Todas las versiones \u0026lt; V8.1), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (Todas las versiones \u0026lt; V8.1), SCALANCE M876-3 (6GK5876- 3AA02-2BA2) (Todas las versiones \u0026lt; V8.1), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (Todas las versiones \u0026lt; V8.1), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (Todas las versiones \u0026lt; V8.1), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (Todas las versiones \u0026lt; V8.1), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (Todas las versiones \u0026lt; V8.1 ), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (Todas las versiones \u0026lt; V8.1), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (Todas las versiones \u0026lt; V8.1), SCALANCE MUM853 -1 (UE) (6GK5853-2EA00-2DA1) (Todas las versiones \u0026lt; V8.1), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (Todas las versiones \u0026lt; V8.1), SCALANCE MUM856-1 (B1 ) (6GK5856-2EA10-3BA1) (Todas las versiones \u0026lt; V8.1), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (Todas las versiones \u0026lt; V8.1), SCALANCE MUM856-1 (EU) (6GK5856- 2EA00-3DA1) (Todas las versiones \u0026lt; V8.1), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (Todas las versiones \u0026lt; V8.1), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) ( Todas las versiones \u0026lt; V8.1), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (Todas las versiones \u0026lt; V8.1). Los dispositivos afectados insertan informaci\u00f3n confidencial sobre la generaci\u00f3n de tokens 2FA en archivos de registro. Esto podr\u00eda permitir que un atacante remoto autenticado falsifique tokens 2FA de otros usuarios."
}
],
"id": "CVE-2024-41978",
"lastModified": "2024-08-23T18:34:36.283",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "productcert@siemens.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"automatable": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityRequirements": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"subsequentSystemAvailability": "NONE",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"vulnerableSystemAvailability": "NONE",
"vulnerableSystemConfidentiality": "HIGH",
"vulnerableSystemIntegrity": "NONE"
},
"source": "productcert@siemens.com",
"type": "Secondary"
}
]
},
"published": "2024-08-13T08:15:15.903",
"references": [
{
"source": "productcert@siemens.com",
"tags": [
"Vendor Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/html/ssa-087301.html"
}
],
"sourceIdentifier": "productcert@siemens.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-532"
}
],
"source": "productcert@siemens.com",
"type": "Primary"
}
]
}