VDB

CVE-2025-40935

CVE-2025-40935 PUBLISHED CVSS 4.300000190734863 MEDIUM

A vulnerability has been identified in RUGGEDCOM RMC8388 V5.X (All versions < V5.10.1), RUGGEDCOM RS416Pv2 V5.X (All versions < V5.10.1), RUGGEDCOM RS416v2 V5.X (All versions < V5.10.1), RUGGEDCOM RS900 (32M) V5.X (All versions < V5.10.1), RUGGEDCOM RS900G (32M) V5.X (All versions < V5.10.1), RUGGEDCOM RSG2100 (32M) V5.X (All versions < V5.10.1), RUGGEDCOM RSG2100P (32M) V5.X (All versions < V5.10.1), RUGGEDCOM RSG2288 V5.X (All versions < V5.10.1), RUGGEDCOM RSG2300 V5.X (All versions < V5.10.1), RUGGEDCOM RSG2300P V5.X (All versions < V5.10.1), RUGGEDCOM RSG2488 V5.X (All versions < V5.10.1), RUGGEDCOM RSG907R (All versions < V5.10.1), RUGGEDCOM RSG908C (All versions < V5.10.1), RUGGEDCOM RSG909R (All versions < V5.10.1), RUGGEDCOM RSG910C (All versions < V5.10.1), RUGGEDCOM RSG920P V5.X (All versions < V5.10.1), RUGGEDCOM RSL910 (All versions < V5.10.1), RUGGEDCOM RST2228 (All versions < V5.10.1), RUGGEDCOM RST2228P (All versions < V5.10.1), RUGGEDCOM RST916C (All versions < V5.10.1), RUGGEDCOM RST916P (All versions < V5.10.1). Affected devices do not properly validate input during the TLS certificate upload process of the web service. This could allow an authenticated remote attacker to trigger a device crash and reboot, leading to a temporary Denial of Service on the device.

EPSS 0.11% · 29.2th percentile

Risk Scores

CVSS v3.1
4.300000190734863
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
EPSS Score
0.11%
29.2th percentile

Affected Products

VendorProductVersions
SiemensRUGGEDCOM RSG909R0
SiemensRUGGEDCOM RSG2100 (32M) V5.X0
SiemensRUGGEDCOM RST2228P0
SiemensRUGGEDCOM RSG908C0
SiemensRUGGEDCOM RSG2288 V5.X0
SiemensRUGGEDCOM RSG2100P (32M) V5.X0
SiemensRUGGEDCOM RS416v2 V5.X0
SiemensRUGGEDCOM RST22280
SiemensRUGGEDCOM RSG2488 V5.X0
SiemensRUGGEDCOM RSL9100
SiemensRUGGEDCOM RSG920P V5.X0
SiemensRUGGEDCOM RSG2300P V5.X0
SiemensRUGGEDCOM RS416Pv2 V5.X0
SiemensRUGGEDCOM RS900 (32M) V5.X0
SiemensRUGGEDCOM RSG910C0
SiemensRUGGEDCOM RST916C0
SiemensRUGGEDCOM RST916P0
SiemensRUGGEDCOM RSG907R0
SiemensRUGGEDCOM RMC8388 V5.X0
SiemensRUGGEDCOM RSG2300 V5.X0

…and 1 more

Exploit Intelligence

Timeline

  • Apr 16, 2025 CVE ID Reserved
  • Dec 9, 2025 EPSS Score
  • Dec 9, 2025 CVE Published
  • Dec 9, 2025 CVE Updated
  • Dec 13, 2025 EPSS Score
  • Dec 17, 2025 EPSS Score
  • Dec 22, 2025 EPSS Score
  • Dec 26, 2025 EPSS Score
  • Dec 30, 2025 EPSS Score
  • Jan 3, 2026 EPSS Score
  • Jan 7, 2026 EPSS Score
  • Jan 12, 2026 EPSS Score

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›