VDB

CVE-2025-71185

CVE-2025-71185 PUBLISHED CVSS 9.800000190734863 CRITICAL

SINEC OS before V4.0 contains multiple vulnerabilities. Siemens has released a new version for RUGGEDCOM RST2428P and recommends to update to the latest version. The following versions of Siemens SINEC OS are affected: RUGGEDCOM RST2428P (6GK6242-6PA00) vers:intdot/ CVSS Vendor Equipment Vulnerabilities v3 9.8 Siemens Siemens SINEC OS Improper Restriction of Operations within the Bounds of a Memory Buffer, Improper Resource Shutdown or Release, Integer Overflow or Wraparound, Stack-based Buffer Overflow, Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Uncontrolled Recursion, Out-of-bounds Read, Covert Timing Channel, Improper Input Validation, Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution'), Improper Update of Reference Count, Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition'), Multiple Releases of Same Resource or Handle, Permissive Regular Expression, Expired Pointer Dereference, Incorrect Bitwise Shift of Integer, Out-of-bounds Write, User Interface (UI) Misrepresentation of Critical Information, Improper Access Control, Insertion of Sensitive Information Into Sent Data, Inefficient Algorithmic Complexity, Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'), Authentication Bypass by Primary Weakness, NULL Pointer Dereference, Active Debug Code, Loop with Unreachable Exit Condition ('Infinite Loop'), Missing Synchronization, External Control of File Name or Path, Privilege Dropping / Lowering Errors, Use of Web Browser Cache Containing Sensitive Information Background Critical Infrastructure Sectors: Critical Manufacturing, Transportation Systems, Energy, Healthcare and Public Health, Financial Services, Government Services and Facilities Countries/Areas Deployed: Worldwide Company Headquarters Location: Germany

EPSS 0.01% · 1.0th percentile

Risk Scores

CVSS 3.1
9.800000190734863
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L
EPSS Score
0.01%
1.0th percentile

Timeline

  • Jan 31, 2026 EPSS Score
  • Jan 31, 2026 CVE Published
  • Feb 2, 2026 EPSS Score
  • Feb 5, 2026 EPSS Score
  • Feb 7, 2026 EPSS Score
  • Feb 10, 2026 EPSS Score
  • Feb 12, 2026 EPSS Score
  • Feb 14, 2026 EPSS Score
  • Feb 17, 2026 EPSS Score
  • Feb 19, 2026 EPSS Score
  • Feb 21, 2026 EPSS Score
  • Feb 24, 2026 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›