8.8
CVE-2025-41224
- EPSS 0.04%
- Veröffentlicht 08.07.2025 10:35:09
- Zuletzt bearbeitet 08.07.2025 16:18:14
- Quelle productcert@siemens.com
- Teams Watchlist Login
- Unerledigt Login
A vulnerability has been identified in RUGGEDCOM RMC8388 V5.X (All versions < V5.10.0), RUGGEDCOM RMC8388NC V5.X (All versions < V5.10.0), RUGGEDCOM RS416NCv2 V5.X (All versions < V5.10.0), RUGGEDCOM RS416PNCv2 V5.X (All versions < V5.10.0), RUGGEDCOM RS416Pv2 V5.X (All versions < V5.10.0), RUGGEDCOM RS416v2 V5.X (All versions < V5.10.0), RUGGEDCOM RS900 (32M) V5.X (All versions < V5.10.0), RUGGEDCOM RS900G (32M) V5.X (All versions < V5.10.0), RUGGEDCOM RS900GNC(32M) V5.X (All versions < V5.10.0), RUGGEDCOM RS900NC(32M) V5.X (All versions < V5.10.0), RUGGEDCOM RSG2100 (32M) V5.X (All versions < V5.10.0), RUGGEDCOM RSG2100NC(32M) V5.X (All versions < V5.10.0), RUGGEDCOM RSG2100P (32M) V5.X (All versions < V5.10.0), RUGGEDCOM RSG2100PNC (32M) V5.X (All versions < V5.10.0), RUGGEDCOM RSG2288 V5.X (All versions < V5.10.0), RUGGEDCOM RSG2288NC V5.X (All versions < V5.10.0), RUGGEDCOM RSG2300 V5.X (All versions < V5.10.0), RUGGEDCOM RSG2300NC V5.X (All versions < V5.10.0), RUGGEDCOM RSG2300P V5.X (All versions < V5.10.0), RUGGEDCOM RSG2300PNC V5.X (All versions < V5.10.0), RUGGEDCOM RSG2488 V5.X (All versions < V5.10.0), RUGGEDCOM RSG2488NC V5.X (All versions < V5.10.0), RUGGEDCOM RSG907R (All versions < V5.10.0), RUGGEDCOM RSG908C (All versions < V5.10.0), RUGGEDCOM RSG909R (All versions < V5.10.0), RUGGEDCOM RSG910C (All versions < V5.10.0), RUGGEDCOM RSG920P V5.X (All versions < V5.10.0), RUGGEDCOM RSG920PNC V5.X (All versions < V5.10.0), RUGGEDCOM RSL910 (All versions < V5.10.0), RUGGEDCOM RSL910NC (All versions < V5.10.0), RUGGEDCOM RST2228 (All versions < V5.10.0), RUGGEDCOM RST2228P (All versions < V5.10.0), RUGGEDCOM RST916C (All versions < V5.10.0), RUGGEDCOM RST916P (All versions < V5.10.0). The affected products do not properly enforce interface access restrictions when changing from management to non-management interface configurations until a system reboot occurs, despite configuration being saved. This could allow an attacker with network access and credentials to gain access to device through non-management and maintain SSH access to the device until reboot.
Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
Diese Information steht angemeldeten Benutzern zur Verfügung. Login
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerSiemens
≫
Produkt
RUGGEDCOM RMC8388 V5.X
Default Statusunknown
Version <
V5.10.0
Version
0
Status
affected
HerstellerSiemens
≫
Produkt
RUGGEDCOM RMC8388NC V5.X
Default Statusunknown
Version <
V5.10.0
Version
0
Status
affected
HerstellerSiemens
≫
Produkt
RUGGEDCOM RS416NCv2 V5.X
Default Statusunknown
Version <
V5.10.0
Version
0
Status
affected
HerstellerSiemens
≫
Produkt
RUGGEDCOM RS416PNCv2 V5.X
Default Statusunknown
Version <
V5.10.0
Version
0
Status
affected
HerstellerSiemens
≫
Produkt
RUGGEDCOM RS416Pv2 V5.X
Default Statusunknown
Version <
V5.10.0
Version
0
Status
affected
HerstellerSiemens
≫
Produkt
RUGGEDCOM RS416v2 V5.X
Default Statusunknown
Version <
V5.10.0
Version
0
Status
affected
HerstellerSiemens
≫
Produkt
RUGGEDCOM RS900 (32M) V5.X
Default Statusunknown
Version <
V5.10.0
Version
0
Status
affected
HerstellerSiemens
≫
Produkt
RUGGEDCOM RS900G (32M) V5.X
Default Statusunknown
Version <
V5.10.0
Version
0
Status
affected
HerstellerSiemens
≫
Produkt
RUGGEDCOM RS900GNC(32M) V5.X
Default Statusunknown
Version <
V5.10.0
Version
0
Status
affected
HerstellerSiemens
≫
Produkt
RUGGEDCOM RS900NC(32M) V5.X
Default Statusunknown
Version <
V5.10.0
Version
0
Status
affected
HerstellerSiemens
≫
Produkt
RUGGEDCOM RSG2100 (32M) V5.X
Default Statusunknown
Version <
V5.10.0
Version
0
Status
affected
HerstellerSiemens
≫
Produkt
RUGGEDCOM RSG2100NC(32M) V5.X
Default Statusunknown
Version <
V5.10.0
Version
0
Status
affected
HerstellerSiemens
≫
Produkt
RUGGEDCOM RSG2100P (32M) V5.X
Default Statusunknown
Version <
V5.10.0
Version
0
Status
affected
HerstellerSiemens
≫
Produkt
RUGGEDCOM RSG2100PNC (32M) V5.X
Default Statusunknown
Version <
V5.10.0
Version
0
Status
affected
HerstellerSiemens
≫
Produkt
RUGGEDCOM RSG2288 V5.X
Default Statusunknown
Version <
V5.10.0
Version
0
Status
affected
HerstellerSiemens
≫
Produkt
RUGGEDCOM RSG2288NC V5.X
Default Statusunknown
Version <
V5.10.0
Version
0
Status
affected
HerstellerSiemens
≫
Produkt
RUGGEDCOM RSG2300 V5.X
Default Statusunknown
Version <
V5.10.0
Version
0
Status
affected
HerstellerSiemens
≫
Produkt
RUGGEDCOM RSG2300NC V5.X
Default Statusunknown
Version <
V5.10.0
Version
0
Status
affected
HerstellerSiemens
≫
Produkt
RUGGEDCOM RSG2300P V5.X
Default Statusunknown
Version <
V5.10.0
Version
0
Status
affected
HerstellerSiemens
≫
Produkt
RUGGEDCOM RSG2300PNC V5.X
Default Statusunknown
Version <
V5.10.0
Version
0
Status
affected
HerstellerSiemens
≫
Produkt
RUGGEDCOM RSG2488 V5.X
Default Statusunknown
Version <
V5.10.0
Version
0
Status
affected
HerstellerSiemens
≫
Produkt
RUGGEDCOM RSG2488NC V5.X
Default Statusunknown
Version <
V5.10.0
Version
0
Status
affected
HerstellerSiemens
≫
Produkt
RUGGEDCOM RSG907R
Default Statusunknown
Version <
V5.10.0
Version
0
Status
affected
HerstellerSiemens
≫
Produkt
RUGGEDCOM RSG908C
Default Statusunknown
Version <
V5.10.0
Version
0
Status
affected
HerstellerSiemens
≫
Produkt
RUGGEDCOM RSG909R
Default Statusunknown
Version <
V5.10.0
Version
0
Status
affected
HerstellerSiemens
≫
Produkt
RUGGEDCOM RSG910C
Default Statusunknown
Version <
V5.10.0
Version
0
Status
affected
HerstellerSiemens
≫
Produkt
RUGGEDCOM RSG920P V5.X
Default Statusunknown
Version <
V5.10.0
Version
0
Status
affected
HerstellerSiemens
≫
Produkt
RUGGEDCOM RSG920PNC V5.X
Default Statusunknown
Version <
V5.10.0
Version
0
Status
affected
HerstellerSiemens
≫
Produkt
RUGGEDCOM RSL910
Default Statusunknown
Version <
V5.10.0
Version
0
Status
affected
HerstellerSiemens
≫
Produkt
RUGGEDCOM RSL910NC
Default Statusunknown
Version <
V5.10.0
Version
0
Status
affected
HerstellerSiemens
≫
Produkt
RUGGEDCOM RST2228
Default Statusunknown
Version <
V5.10.0
Version
0
Status
affected
HerstellerSiemens
≫
Produkt
RUGGEDCOM RST2228P
Default Statusunknown
Version <
V5.10.0
Version
0
Status
affected
HerstellerSiemens
≫
Produkt
RUGGEDCOM RST916C
Default Statusunknown
Version <
V5.10.0
Version
0
Status
affected
HerstellerSiemens
≫
Produkt
RUGGEDCOM RST916P
Default Statusunknown
Version <
V5.10.0
Version
0
Status
affected
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.04% | 0.11 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| productcert@siemens.com | 8.8 | 2.8 | 5.9 |
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| productcert@siemens.com | 7.7 | 0 | 0 |
CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
|
CWE-693 Protection Mechanism Failure
The product does not use or incorrectly uses a protection mechanism that provides sufficient defense against directed attacks against the product.