VDB

CVE-2024-56835

CVE-2024-56835 PUBLISHED CVSS 8.800000190734863 HIGH

A vulnerability has been identified in RUGGEDCOM ROX II family (All versions < V2.17.0). The DHCP Server configuration file of the affected products is subject to code injection. An attacker could leverage this vulnerability to spawn a reverse shell and gain root access on the affected system.

EPSS 0.02% · 5.5th percentile

Risk Scores

CVSS 3.1
8.800000190734863
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C
EPSS Score
0.02%
5.5th percentile

Affected Products

VendorProductVersions
SiemensRUGGEDCOM ROX RX50000
SiemensRUGGEDCOM ROX MX50000
SiemensRUGGEDCOM ROX RX15100
SiemensRUGGEDCOM ROX RX15010
SiemensRUGGEDCOM ROX RX15240
SiemensRUGGEDCOM ROX MX5000RE0
siemensruggedcom_rox_ii_firmware0
SiemensRUGGEDCOM ROX RX14000
SiemensRUGGEDCOM ROX RX15360
SiemensRUGGEDCOM ROX RX15000
SiemensRUGGEDCOM ROX RX15120
SiemensRUGGEDCOM ROX RX15110

Exploit Intelligence

Timeline

  • Dec 9, 2025 EPSS Score
  • Dec 9, 2025 CVE Published
  • Dec 13, 2025 EPSS Score
  • Dec 17, 2025 EPSS Score
  • Dec 22, 2025 EPSS Score
  • Dec 26, 2025 EPSS Score
  • Dec 30, 2025 EPSS Score
  • Jan 3, 2026 EPSS Score
  • Jan 7, 2026 EPSS Score
  • Jan 12, 2026 EPSS Score
  • Jan 13, 2026 CVE Updated
  • Jan 16, 2026 EPSS Score

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›