cve-2024-39675
Vulnerability from cvelistv5
Published
2024-07-09 12:05
Modified
2024-08-02 04:26
Severity ?
EPSS score ?
Summary
A vulnerability has been identified in RUGGEDCOM RMC30 (All versions < V4.3.10), RUGGEDCOM RMC30NC (All versions < V4.3.10), RUGGEDCOM RP110 (All versions < V4.3.10), RUGGEDCOM RP110NC (All versions < V4.3.10), RUGGEDCOM RS400 (All versions < V4.3.10), RUGGEDCOM RS400NC (All versions < V4.3.10), RUGGEDCOM RS401 (All versions < V4.3.10), RUGGEDCOM RS401NC (All versions < V4.3.10), RUGGEDCOM RS416 (All versions < V4.3.10), RUGGEDCOM RS416NC (All versions < V4.3.10), RUGGEDCOM RS416NCv2 V4.X (All versions < V4.3.10), RUGGEDCOM RS416NCv2 V5.X (All versions < V5.9.0), RUGGEDCOM RS416P (All versions < V4.3.10), RUGGEDCOM RS416PNC (All versions < V4.3.10), RUGGEDCOM RS416PNCv2 V4.X (All versions < V4.3.10), RUGGEDCOM RS416PNCv2 V5.X (All versions < V5.9.0), RUGGEDCOM RS416Pv2 V4.X (All versions < V4.3.10), RUGGEDCOM RS416Pv2 V5.X (All versions < V5.9.0), RUGGEDCOM RS416v2 V4.X (All versions < V4.3.10), RUGGEDCOM RS416v2 V5.X (All versions < V5.9.0), RUGGEDCOM RS910 (All versions < V4.3.10), RUGGEDCOM RS910L (All versions), RUGGEDCOM RS910LNC (All versions), RUGGEDCOM RS910NC (All versions < V4.3.10), RUGGEDCOM RS910W (All versions < V4.3.10), RUGGEDCOM RS920L (All versions), RUGGEDCOM RS920LNC (All versions), RUGGEDCOM RS920W (All versions). In some configurations the affected products wrongly enable the Modbus service in non-managed VLANS. Only serial devices are affected by this vulnerability.
References
Impacted products
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:o:siemens:ruggedcom_ros_rmc30:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "ruggedcom_ros_rmc30", "vendor": "siemens", "versions": [ { "lessThan": "4.3.10", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:siemens:ruggedcom_ros_rmc30nc:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "ruggedcom_ros_rmc30nc", "vendor": "siemens", "versions": [ { "lessThan": "4.3.10", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:siemens:ruggedcom_ros_rp110:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "ruggedcom_ros_rp110", "vendor": "siemens", "versions": [ { "lessThan": "4.3.10", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:siemens:ruggedcom_ros_rp110nc:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "ruggedcom_ros_rp110nc", "vendor": "siemens", "versions": [ { "lessThan": "4.3.10", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:siemens:ruggedcom_ros_rs400:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "ruggedcom_ros_rs400", "vendor": "siemens", "versions": [ { "lessThan": "4.3.10", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:siemens:ruggedcom_ros_rs400nc:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "ruggedcom_ros_rs400nc", "vendor": "siemens", "versions": [ { "lessThan": "4.3.10", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:siemens:ruggedcom_ros_rs401:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "ruggedcom_ros_rs401", "vendor": "siemens", "versions": [ { "lessThan": "4.3.10", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:siemens:ruggedcom_ros_rs401nc:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "ruggedcom_ros_rs401nc", "vendor": "siemens", "versions": [ { "lessThan": "4.3.10", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:siemens:ruggedcom_ros_rs416:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "ruggedcom_ros_rs416", "vendor": "siemens", "versions": [ { "lessThan": "4.3.10", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:siemens:ruggedcom_ros_rs416nc:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "ruggedcom_ros_rs416nc", "vendor": "siemens", "versions": [ { "lessThan": "4.3.10", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:siemens:ruggedcom_ros_rs416ncv2:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "ruggedcom_ros_rs416ncv2", "vendor": "siemens", "versions": [ { "lessThan": "4.3.10", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:siemens:ruggedcom_ros_rs416ncv2:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "ruggedcom_ros_rs416ncv2", "vendor": "siemens", "versions": [ { "lessThan": "5.9.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:siemens:ruggedcom_ros_rs416p:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "ruggedcom_ros_rs416p", "vendor": "siemens", "versions": [ { "lessThan": "4.3.10", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:siemens:ruggedcom_ros_rs416pnc:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "ruggedcom_ros_rs416pnc", "vendor": "siemens", "versions": [ { "lessThan": "4.3.10", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:siemens:ruggedcom_ros_rs416pncv2:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "ruggedcom_ros_rs416pncv2", "vendor": "siemens", "versions": [ { "lessThan": "5.9.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:siemens:ruggedcom_ros_rs416pncv2:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "ruggedcom_ros_rs416pncv2", "vendor": "siemens", "versions": [ { "lessThan": "4.3.10", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:siemens:ruggedcom_ros_rs416pv2:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "ruggedcom_ros_rs416pv2", "vendor": "siemens", "versions": [ { "lessThan": "4.3.10", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:siemens:ruggedcom_ros_rs416pv2:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "ruggedcom_ros_rs416pv2", "vendor": "siemens", "versions": [ { "lessThan": "5.9.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:siemens:ruggedcom_ros_rs416v2:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "ruggedcom_ros_rs416v2", "vendor": "siemens", "versions": [ { "lessThan": "4.3.10", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:siemens:ruggedcom_ros_rs416v2:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "ruggedcom_ros_rs416v2", "vendor": "siemens", "versions": [ { "lessThan": "5.9.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:siemens:ruggedcom_ros_rs910:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "ruggedcom_ros_rs910", "vendor": "siemens", "versions": [ { "lessThan": "4.3.10", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:siemens:ruggedcom_ros_rs910l:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "ruggedcom_ros_rs910l", "vendor": "siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:siemens:ruggedcom_ros_rs920l:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "ruggedcom_ros_rs920l", "vendor": "siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:siemens:ruggedcom_ros_rs910lnc:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "ruggedcom_ros_rs910lnc", "vendor": "siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:siemens:ruggedcom_ros_rs910nc:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "ruggedcom_ros_rs910nc", "vendor": "siemens", "versions": [ { "lessThan": "4.3.10", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:siemens:ruggedcom_ros_rs920lnc:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "ruggedcom_ros_rs920lnc", "vendor": "siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:siemens:ruggedcom_ros_rs910w:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "ruggedcom_ros_rs910w", "vendor": "siemens", "versions": [ { "lessThan": "4.3.10", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:siemens:ruggedcom_ros_rs920w:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "ruggedcom_ros_rs920w", "vendor": "siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-39675", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-07-09T13:14:06.893152Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-11T17:59:32.631Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T04:26:16.017Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-170375.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "RUGGEDCOM RMC30", "vendor": "Siemens", "versions": [ { "lessThan": "V4.3.10", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "RUGGEDCOM RMC30NC", "vendor": "Siemens", "versions": [ { "lessThan": "V4.3.10", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "RUGGEDCOM RP110", "vendor": "Siemens", "versions": [ { "lessThan": "V4.3.10", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "RUGGEDCOM RP110NC", "vendor": "Siemens", "versions": [ { "lessThan": "V4.3.10", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "RUGGEDCOM RS400", "vendor": "Siemens", "versions": [ { "lessThan": "V4.3.10", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "RUGGEDCOM RS400NC", "vendor": "Siemens", "versions": [ { "lessThan": "V4.3.10", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "RUGGEDCOM RS401", "vendor": "Siemens", "versions": [ { "lessThan": "V4.3.10", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "RUGGEDCOM RS401NC", "vendor": "Siemens", "versions": [ { "lessThan": "V4.3.10", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "RUGGEDCOM RS416", "vendor": "Siemens", "versions": [ { "lessThan": "V4.3.10", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "RUGGEDCOM RS416NC", "vendor": "Siemens", "versions": [ { "lessThan": "V4.3.10", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "RUGGEDCOM RS416NCv2 V4.X", "vendor": "Siemens", "versions": [ { "lessThan": "V4.3.10", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "RUGGEDCOM RS416NCv2 V5.X", "vendor": "Siemens", "versions": [ { "lessThan": "V5.9.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "RUGGEDCOM RS416P", "vendor": "Siemens", "versions": [ { "lessThan": "V4.3.10", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "RUGGEDCOM RS416PNC", "vendor": "Siemens", "versions": [ { "lessThan": "V4.3.10", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "RUGGEDCOM RS416PNCv2 V4.X", "vendor": "Siemens", "versions": [ { "lessThan": "V4.3.10", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "RUGGEDCOM RS416PNCv2 V5.X", "vendor": "Siemens", "versions": [ { "lessThan": "V5.9.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "RUGGEDCOM RS416Pv2 V4.X", "vendor": "Siemens", "versions": [ { "lessThan": "V4.3.10", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "RUGGEDCOM RS416Pv2 V5.X", "vendor": "Siemens", "versions": [ { "lessThan": "V5.9.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "RUGGEDCOM RS416v2 V4.X", "vendor": "Siemens", "versions": [ { "lessThan": "V4.3.10", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "RUGGEDCOM RS416v2 V5.X", "vendor": "Siemens", "versions": [ { "lessThan": "V5.9.0", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "RUGGEDCOM RS910", "vendor": "Siemens", "versions": [ { "lessThan": "V4.3.10", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "RUGGEDCOM RS910L", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "RUGGEDCOM RS910LNC", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "RUGGEDCOM RS910NC", "vendor": "Siemens", "versions": [ { "lessThan": "V4.3.10", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "RUGGEDCOM RS910W", "vendor": "Siemens", "versions": [ { "lessThan": "V4.3.10", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "RUGGEDCOM RS920L", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "RUGGEDCOM RS920LNC", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "RUGGEDCOM RS920W", "vendor": "Siemens", "versions": [ { "lessThan": "*", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability has been identified in RUGGEDCOM RMC30 (All versions \u003c V4.3.10), RUGGEDCOM RMC30NC (All versions \u003c V4.3.10), RUGGEDCOM RP110 (All versions \u003c V4.3.10), RUGGEDCOM RP110NC (All versions \u003c V4.3.10), RUGGEDCOM RS400 (All versions \u003c V4.3.10), RUGGEDCOM RS400NC (All versions \u003c V4.3.10), RUGGEDCOM RS401 (All versions \u003c V4.3.10), RUGGEDCOM RS401NC (All versions \u003c V4.3.10), RUGGEDCOM RS416 (All versions \u003c V4.3.10), RUGGEDCOM RS416NC (All versions \u003c V4.3.10), RUGGEDCOM RS416NCv2 V4.X (All versions \u003c V4.3.10), RUGGEDCOM RS416NCv2 V5.X (All versions \u003c V5.9.0), RUGGEDCOM RS416P (All versions \u003c V4.3.10), RUGGEDCOM RS416PNC (All versions \u003c V4.3.10), RUGGEDCOM RS416PNCv2 V4.X (All versions \u003c V4.3.10), RUGGEDCOM RS416PNCv2 V5.X (All versions \u003c V5.9.0), RUGGEDCOM RS416Pv2 V4.X (All versions \u003c V4.3.10), RUGGEDCOM RS416Pv2 V5.X (All versions \u003c V5.9.0), RUGGEDCOM RS416v2 V4.X (All versions \u003c V4.3.10), RUGGEDCOM RS416v2 V5.X (All versions \u003c V5.9.0), RUGGEDCOM RS910 (All versions \u003c V4.3.10), RUGGEDCOM RS910L (All versions), RUGGEDCOM RS910LNC (All versions), RUGGEDCOM RS910NC (All versions \u003c V4.3.10), RUGGEDCOM RS910W (All versions \u003c V4.3.10), RUGGEDCOM RS920L (All versions), RUGGEDCOM RS920LNC (All versions), RUGGEDCOM RS920W (All versions). In some configurations the affected products wrongly enable the Modbus service in non-managed VLANS. Only serial devices are affected by this vulnerability." } ], "metrics": [ { "cvssV3_1": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" } }, { "cvssV4_0": { "baseScore": 8.7, "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "version": "4.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-497", "description": "CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-07-09T12:05:18.310Z", "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens" }, "references": [ { "url": "https://cert-portal.siemens.com/productcert/html/ssa-170375.html" } ] } }, "cveMetadata": { "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "assignerShortName": "siemens", "cveId": "CVE-2024-39675", "datePublished": "2024-07-09T12:05:18.310Z", "dateReserved": "2024-06-27T11:41:41.875Z", "dateUpdated": "2024-08-02T04:26:16.017Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "vulnerability-lookup:meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2024-39675\",\"sourceIdentifier\":\"productcert@siemens.com\",\"published\":\"2024-07-09T12:15:17.180\",\"lastModified\":\"2024-11-21T09:28:11.780\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability has been identified in RUGGEDCOM RMC30 (All versions \u003c V4.3.10), RUGGEDCOM RMC30NC (All versions \u003c V4.3.10), RUGGEDCOM RP110 (All versions \u003c V4.3.10), RUGGEDCOM RP110NC (All versions \u003c V4.3.10), RUGGEDCOM RS400 (All versions \u003c V4.3.10), RUGGEDCOM RS400NC (All versions \u003c V4.3.10), RUGGEDCOM RS401 (All versions \u003c V4.3.10), RUGGEDCOM RS401NC (All versions \u003c V4.3.10), RUGGEDCOM RS416 (All versions \u003c V4.3.10), RUGGEDCOM RS416NC (All versions \u003c V4.3.10), RUGGEDCOM RS416NCv2 V4.X (All versions \u003c V4.3.10), RUGGEDCOM RS416NCv2 V5.X (All versions \u003c V5.9.0), RUGGEDCOM RS416P (All versions \u003c V4.3.10), RUGGEDCOM RS416PNC (All versions \u003c V4.3.10), RUGGEDCOM RS416PNCv2 V4.X (All versions \u003c V4.3.10), RUGGEDCOM RS416PNCv2 V5.X (All versions \u003c V5.9.0), RUGGEDCOM RS416Pv2 V4.X (All versions \u003c V4.3.10), RUGGEDCOM RS416Pv2 V5.X (All versions \u003c V5.9.0), RUGGEDCOM RS416v2 V4.X (All versions \u003c V4.3.10), RUGGEDCOM RS416v2 V5.X (All versions \u003c V5.9.0), RUGGEDCOM RS910 (All versions \u003c V4.3.10), RUGGEDCOM RS910L (All versions), RUGGEDCOM RS910LNC (All versions), RUGGEDCOM RS910NC (All versions \u003c V4.3.10), RUGGEDCOM RS910W (All versions \u003c V4.3.10), RUGGEDCOM RS920L (All versions), RUGGEDCOM RS920LNC (All versions), RUGGEDCOM RS920W (All versions). In some configurations the affected products wrongly enable the Modbus service in non-managed VLANS. Only serial devices are affected by this vulnerability.\"},{\"lang\":\"es\",\"value\":\"Se ha identificado una vulnerabilidad en RUGGEDCOM RMC30 (Todas las versiones \u0026lt; V4.3.10), RUGGEDCOM RMC30NC (Todas las versiones \u0026lt; V4.3.10), RUGGEDCOM RP110 (Todas las versiones \u0026lt; V4.3.10), RUGGEDCOM RP110NC (Todas las versiones \u0026lt; V4.3.10), RUGGEDCOM RS400 (todas las versiones \u0026lt; V4.3.10), RUGGEDCOM RS400NC (todas las versiones \u0026lt; V4.3.10), RUGGEDCOM RS401 (todas las versiones \u0026lt; V4.3.10), RUGGEDCOM RS401NC (todas las versiones \u0026lt; V4.3.10), RUGGEDCOM RS416 (todas las versiones \u0026lt; V4.3.10), RUGGEDCOM RS416NC (todas las versiones \u0026lt; V4.3.10), RUGGEDCOM RS416NCv2 V4.X (todas las versiones \u0026lt; V4.3.10), RUGGEDCOM RS416NCv2 V5.X (todas las versiones \u0026lt; V5.9.0), RUGGEDCOM RS416P (todas las versiones \u0026lt; V4.3.10), RUGGEDCOM RS416PNC (todas las versiones \u0026lt; V4.3.10), RUGGEDCOM RS416PNCv2 V4.X (todas las versiones \u0026lt; V4.3.10), RUGGEDCOM RS416PNCv2 V5.X (todas las versiones \u0026lt; V5.9.0), RUGGEDCOM RS416Pv2 V4.X ( Todas las versiones \u0026lt; V4.3.10), RUGGEDCOM RS416Pv2 V5.X (Todas las versiones \u0026lt; V5.9.0), RUGGEDCOM RS416v2 V4.X (Todas las versiones \u0026lt; V4.3.10), RUGGEDCOM RS416v2 V5.X (Todas las versiones \u0026lt; V5.9.0), RUGGEDCOM RS910 (todas las versiones \u0026lt; V4.3.10), RUGGEDCOM RS910L (todas las versiones), RUGGEDCOM RS910LNC (todas las versiones), RUGGEDCOM RS910NC (todas las versiones \u0026lt; V4.3.10), RUGGEDCOM RS910W (todas las versiones \u0026lt; V4.3.10), RUGGEDCOM RS920L ( Todas las versiones), RUGGEDCOM RS920LNC (Todas las versiones), RUGGEDCOM RS920W (Todas las versiones). En algunas configuraciones los productos afectados habilitan err\u00f3neamente el servicio Modbus en VLAN no gestionadas. S\u00f3lo los dispositivos serie se ven afectados por esta vulnerabilidad.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"productcert@siemens.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":8.7,\"baseSeverity\":\"HIGH\",\"attackVector\":\"ADJACENT\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"vulnerableSystemConfidentiality\":\"HIGH\",\"vulnerableSystemIntegrity\":\"HIGH\",\"vulnerableSystemAvailability\":\"HIGH\",\"subsequentSystemConfidentiality\":\"NONE\",\"subsequentSystemIntegrity\":\"NONE\",\"subsequentSystemAvailability\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirements\":\"NOT_DEFINED\",\"integrityRequirements\":\"NOT_DEFINED\",\"availabilityRequirements\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnerableSystemConfidentiality\":\"NOT_DEFINED\",\"modifiedVulnerableSystemIntegrity\":\"NOT_DEFINED\",\"modifiedVulnerableSystemAvailability\":\"NOT_DEFINED\",\"modifiedSubsequentSystemConfidentiality\":\"NOT_DEFINED\",\"modifiedSubsequentSystemIntegrity\":\"NOT_DEFINED\",\"modifiedSubsequentSystemAvailability\":\"NOT_DEFINED\",\"safety\":\"NOT_DEFINED\",\"automatable\":\"NOT_DEFINED\",\"recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}],\"cvssMetricV31\":[{\"source\":\"productcert@siemens.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"ADJACENT_NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"productcert@siemens.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-497\"}]}],\"references\":[{\"url\":\"https://cert-portal.siemens.com/productcert/html/ssa-170375.html\",\"source\":\"productcert@siemens.com\"},{\"url\":\"https://cert-portal.siemens.com/productcert/html/ssa-170375.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}" } }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.