8.8
CVE-2024-39675
- EPSS 0.09%
- Veröffentlicht 09.07.2024 12:15:17
- Zuletzt bearbeitet 21.11.2024 09:28:11
- Quelle productcert@siemens.com
- CVE-Watchlists
- Unerledigt
A vulnerability has been identified in RUGGEDCOM RMC30 (All versions < V4.3.10), RUGGEDCOM RMC30NC (All versions < V4.3.10), RUGGEDCOM RP110 (All versions < V4.3.10), RUGGEDCOM RP110NC (All versions < V4.3.10), RUGGEDCOM RS400 (All versions < V4.3.10), RUGGEDCOM RS400NC (All versions < V4.3.10), RUGGEDCOM RS401 (All versions < V4.3.10), RUGGEDCOM RS401NC (All versions < V4.3.10), RUGGEDCOM RS416 (All versions < V4.3.10), RUGGEDCOM RS416NC (All versions < V4.3.10), RUGGEDCOM RS416NCv2 V4.X (All versions < V4.3.10), RUGGEDCOM RS416NCv2 V5.X (All versions < V5.9.0), RUGGEDCOM RS416P (All versions < V4.3.10), RUGGEDCOM RS416PNC (All versions < V4.3.10), RUGGEDCOM RS416PNCv2 V4.X (All versions < V4.3.10), RUGGEDCOM RS416PNCv2 V5.X (All versions < V5.9.0), RUGGEDCOM RS416Pv2 V4.X (All versions < V4.3.10), RUGGEDCOM RS416Pv2 V5.X (All versions < V5.9.0), RUGGEDCOM RS416v2 V4.X (All versions < V4.3.10), RUGGEDCOM RS416v2 V5.X (All versions < V5.9.0), RUGGEDCOM RS910 (All versions < V4.3.10), RUGGEDCOM RS910L (All versions), RUGGEDCOM RS910LNC (All versions), RUGGEDCOM RS910NC (All versions < V4.3.10), RUGGEDCOM RS910W (All versions < V4.3.10), RUGGEDCOM RS920L (All versions), RUGGEDCOM RS920LNC (All versions), RUGGEDCOM RS920W (All versions). In some configurations the affected products wrongly enable the Modbus service in non-managed VLANS. Only serial devices are affected by this vulnerability.
Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
LoginDaten sind bereitgestellt durch das CVE Programm von Authorized Data Publishers (ADP) (Unstrukturiert)
Herstellersiemens
≫
Produkt
ruggedcom_ros_rmc30
Default Statusunknown
Version <
4.3.10
Version
0
Status
affected
Herstellersiemens
≫
Produkt
ruggedcom_ros_rmc30nc
Default Statusunknown
Version <
4.3.10
Version
0
Status
affected
Herstellersiemens
≫
Produkt
ruggedcom_ros_rp110
Default Statusunknown
Version <
4.3.10
Version
0
Status
affected
Herstellersiemens
≫
Produkt
ruggedcom_ros_rp110nc
Default Statusunknown
Version <
4.3.10
Version
0
Status
affected
Herstellersiemens
≫
Produkt
ruggedcom_ros_rs400
Default Statusunknown
Version <
4.3.10
Version
0
Status
affected
Herstellersiemens
≫
Produkt
ruggedcom_ros_rs400nc
Default Statusunknown
Version <
4.3.10
Version
0
Status
affected
Herstellersiemens
≫
Produkt
ruggedcom_ros_rs401
Default Statusunknown
Version <
4.3.10
Version
0
Status
affected
Herstellersiemens
≫
Produkt
ruggedcom_ros_rs401nc
Default Statusunknown
Version <
4.3.10
Version
0
Status
affected
Herstellersiemens
≫
Produkt
ruggedcom_ros_rs416
Default Statusunknown
Version <
4.3.10
Version
0
Status
affected
Herstellersiemens
≫
Produkt
ruggedcom_ros_rs416nc
Default Statusunknown
Version <
4.3.10
Version
0
Status
affected
Herstellersiemens
≫
Produkt
ruggedcom_ros_rs416ncv2
Default Statusunknown
Version <
4.3.10
Version
0
Status
affected
Herstellersiemens
≫
Produkt
ruggedcom_ros_rs416ncv2
Default Statusunknown
Version <
5.9.0
Version
0
Status
affected
Herstellersiemens
≫
Produkt
ruggedcom_ros_rs416p
Default Statusunknown
Version <
4.3.10
Version
0
Status
affected
Herstellersiemens
≫
Produkt
ruggedcom_ros_rs416pnc
Default Statusunknown
Version <
4.3.10
Version
0
Status
affected
Herstellersiemens
≫
Produkt
ruggedcom_ros_rs416pncv2
Default Statusunknown
Version <
5.9.0
Version
0
Status
affected
Herstellersiemens
≫
Produkt
ruggedcom_ros_rs416pncv2
Default Statusunknown
Version <
4.3.10
Version
0
Status
affected
Herstellersiemens
≫
Produkt
ruggedcom_ros_rs416pv2
Default Statusunknown
Version <
4.3.10
Version
0
Status
affected
Herstellersiemens
≫
Produkt
ruggedcom_ros_rs416pv2
Default Statusunknown
Version <
5.9.0
Version
0
Status
affected
Herstellersiemens
≫
Produkt
ruggedcom_ros_rs416v2
Default Statusunknown
Version <
4.3.10
Version
0
Status
affected
Herstellersiemens
≫
Produkt
ruggedcom_ros_rs416v2
Default Statusunknown
Version <
5.9.0
Version
0
Status
affected
Herstellersiemens
≫
Produkt
ruggedcom_ros_rs910
Default Statusunknown
Version <
4.3.10
Version
0
Status
affected
Herstellersiemens
≫
Produkt
ruggedcom_ros_rs910l
Default Statusunknown
Version <
*
Version
0
Status
affected
Herstellersiemens
≫
Produkt
ruggedcom_ros_rs920l
Default Statusunknown
Version <
*
Version
0
Status
affected
Herstellersiemens
≫
Produkt
ruggedcom_ros_rs910lnc
Default Statusunknown
Version <
*
Version
0
Status
affected
Herstellersiemens
≫
Produkt
ruggedcom_ros_rs910nc
Default Statusunknown
Version <
4.3.10
Version
0
Status
affected
Herstellersiemens
≫
Produkt
ruggedcom_ros_rs920lnc
Default Statusunknown
Version <
*
Version
0
Status
affected
Herstellersiemens
≫
Produkt
ruggedcom_ros_rs910w
Default Statusunknown
Version <
4.3.10
Version
0
Status
affected
Herstellersiemens
≫
Produkt
ruggedcom_ros_rs920w
Default Statusunknown
Version <
*
Version
0
Status
affected
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.09% | 0.252 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| productcert@siemens.com | 8.7 | 0 | 0 |
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
|
| productcert@siemens.com | 8.8 | 2.8 | 5.9 |
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
CWE-497 Exposure of Sensitive System Information to an Unauthorized Control Sphere
The product does not properly prevent sensitive system-level information from being accessed by unauthorized actors who do not have the same level of access to the underlying system as the product does.