SSA-094954 PUBLISHED CVSS 7.6 HIGH

RUGGEDCOM ROX II devices do not properly limit access through their Built-In-Self-Test (BIST) mode. This could allow a local attacker to bypass authentication and access a root shell on the device. Siemens is preparing fix versions and recommends specific countermeasures for products where fixes are not, or not yet, available.

Risk Scores

CVSS v3.1
7.6
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Affected Products

Vendor | Product | Versions
RUGGEDCOM ROX RX1501
RUGGEDCOM ROX RX5000
RUGGEDCOM ROX MX5000RE
RUGGEDCOM ROX RX1510
RUGGEDCOM ROX RX1400
RUGGEDCOM ROX RX1500
RUGGEDCOM ROX MX5000
RUGGEDCOM ROX RX1536
RUGGEDCOM ROX RX1511
RUGGEDCOM ROX RX1524
RUGGEDCOM ROX RX1512
