SSA-150692 — Vulnetix

SSA-150692 PUBLISHED CVSS 8.800000190734863 HIGH

Multiple vulnerabilities in RUGGEDCOM ROX devices have been detected, ranging from command injection to filesystem traversal. An attacker could exploit these to gain root access to the affected devices. Siemens has released updates for the affected products and recommends to update to the latest versions.

Risk Scores

CVSS 3.1

8.800000190734863

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C

Affected Products

Vendor	Product	Versions
	RUGGEDCOM ROX RX1524
	RUGGEDCOM ROX RX1500
	RUGGEDCOM ROX RX1501
	RUGGEDCOM ROX MX5000
	RUGGEDCOM ROX RX1511
	RUGGEDCOM ROX RX1510
	RUGGEDCOM ROX RX5000
	RUGGEDCOM ROX RX1512
	RUGGEDCOM ROX RX1400
	RUGGEDCOM ROX RX1536

Exploit Intelligence

https://cert-portal.siemens.com/productcert/pdf/ssa-150692.pdf (circl)
https://cert-portal.siemens.com/productcert/txt/ssa-150692.txt (circl)
https://cert-portal.siemens.com/productcert/csaf/ssa-150692.json (circl)
https://support.industry.siemens.com/cs/ww/en/view/109800780/ (circl)

Timeline

CVE Published

References

https://cert-portal.siemens.com/productcert/pdf/ssa-150692.pdf advisory
https://cert-portal.siemens.com/productcert/txt/ssa-150692.txt advisory
https://cert-portal.siemens.com/productcert/csaf/ssa-150692.json advisory
https://support.industry.siemens.com/cs/ww/en/view/109800780/ fix

Open in Interactive Console →