CVE-2024-50572

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-50572
A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions < V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions < V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions < V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions < V8.2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V8.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V8.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V8.2), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions < V8.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V8.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V8.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V8.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V8.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V8.2), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions < V8.2), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions < V8.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V8.2), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions < V8.2), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions < V8.2), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions < V8.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V8.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V8.2), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V8.2), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V8.2), SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0) (All versions < V3.0.0), SCALANCE WAM763-1 (6GK5763-1AL00-7DA0) (All versions < V3.0.0), SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0) (All versions < V3.0.0), SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0) (All versions < V3.0.0), SCALANCE WAM766-1 (6GK5766-1GE00-7DA0) (All versions < V3.0.0), SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0) (All versions < V3.0.0), SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0) (All versions < V3.0.0), SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0) (All versions < V3.0.0), SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0) (All versions < V3.0.0), SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0) (All versions < V3.0.0), SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0) (All versions < V3.0.0), SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0) (All versions < V3.0.0), SCALANCE WUM763-1 (6GK5763-1AL00-3AA0) (All versions < V3.0.0), SCALANCE WUM763-1 (6GK5763-1AL00-3DA0) (All versions < V3.0.0), SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0) (All versions < V3.0.0), SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0) (All versions < V3.0.0), SCALANCE WUM766-1 (6GK5766-1GE00-3DA0) (All versions < V3.0.0), SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0) (All versions < V3.0.0), SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0) (All versions < V3.0.0). Affected devices do not properly sanitize an input field. This could allow an authenticated remote attacker with administrative privileges to inject code or spawn a system root shell.

7.2 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.2 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://cert-portal.siemens.com/productcert/html/ssa-354112.html Patch Vendor Advisory
https://cert-portal.siemens.com/productcert/html/ssa-769027.html
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:siemens:ruggedcom_rm1224_lte\(4g\)_eu_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:ruggedcom_rm1224_lte\(4g\)_eu:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:siemens:ruggedcom_rm1224_lte\(4g\)_nam_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:ruggedcom_rm1224_lte\(4g\)_nam:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:siemens:scalance_m804pb_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_m804pb:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:siemens:scalance_m812-1_\(annex_a\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_m812-1_\(annex_a\):-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:siemens:scalance_m812-1_\(annex_b\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_m812-1_\(annex_b\):-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:siemens:scalance_m816-1_\(annex_a\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_m816-1_\(annex_a\):-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:siemens:scalance_m816-1_\(annex_b\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_m816-1_\(annex_b\):-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:siemens:scalance_m826-2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_m826-2:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:siemens:scalance_m874-2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_m874-2:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:siemens:scalance_m874-3_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_m874-3:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:siemens:scalance_m874-3_\(cn\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_m874-3_\(cn\):-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:siemens:scalance_m876-3_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_m876-3:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:siemens:scalance_m876-3_\(rok\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_m876-3_\(rok\):-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND
cpe:2.3:o:siemens:scalance_m876-4_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_m876-4:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND
cpe:2.3:o:siemens:scalance_m876-4_\(eu\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_m876-4_\(eu\):-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND
cpe:2.3:o:siemens:scalance_m876-4_\(nam\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_m876-4_\(nam\):-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND
cpe:2.3:o:siemens:scalance_mum853-1_\(a1\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_mum853-1_\(a1\):-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND
cpe:2.3:o:siemens:scalance_mum853-1_\(b1\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_mum853-1_\(b1\):-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND
cpe:2.3:o:siemens:scalance_mum853-1_\(eu\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_mum853-1_\(eu\):-:*:*:*:*:*:*:*

Configuration 20 (hide)

AND
cpe:2.3:o:siemens:scalance_mum856-1_\(a1\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_mum856-1_\(a1\):-:*:*:*:*:*:*:*

Configuration 21 (hide)

AND
cpe:2.3:o:siemens:scalance_mum856-1_\(b1\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_mum856-1_\(b1\):-:*:*:*:*:*:*:*

Configuration 22 (hide)

AND
cpe:2.3:o:siemens:scalance_mum856-1_\(cn\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_mum856-1_\(cn\):-:*:*:*:*:*:*:*

Configuration 23 (hide)

AND
cpe:2.3:o:siemens:scalance_mum856-1_\(eu\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_mum856-1_\(eu\):-:*:*:*:*:*:*:*

Configuration 24 (hide)

AND
cpe:2.3:o:siemens:scalance_mum856-1_\(row\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_mum856-1_\(row\):-:*:*:*:*:*:*:*

Configuration 25 (hide)

AND
cpe:2.3:o:siemens:scalance_s615_eec_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_s615_eec:-:*:*:*:*:*:*:*

Configuration 26 (hide)

AND
cpe:2.3:o:siemens:scalance_s615_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_s615:-:*:*:*:*:*:*:*
History

11 Feb 2025, 11:15

Type Values Removed Values Added
References
  • () https://cert-portal.siemens.com/productcert/html/ssa-769027.html -
Summary (en) A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions < V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions < V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions < V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions < V8.2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V8.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V8.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V8.2), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions < V8.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V8.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V8.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V8.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V8.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V8.2), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions < V8.2), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions < V8.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V8.2), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions < V8.2), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions < V8.2), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions < V8.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V8.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V8.2), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V8.2), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V8.2). Affected devices do not properly sanitize an input field. This could allow an authenticated remote attacker with administrative privileges to inject code or spawn a system root shell. (en) A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions < V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions < V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions < V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions < V8.2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V8.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V8.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V8.2), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions < V8.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V8.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V8.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V8.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V8.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V8.2), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions < V8.2), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions < V8.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V8.2), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions < V8.2), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions < V8.2), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions < V8.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V8.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V8.2), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V8.2), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V8.2), SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0) (All versions < V3.0.0), SCALANCE WAM763-1 (6GK5763-1AL00-7DA0) (All versions < V3.0.0), SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0) (All versions < V3.0.0), SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0) (All versions < V3.0.0), SCALANCE WAM766-1 (6GK5766-1GE00-7DA0) (All versions < V3.0.0), SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0) (All versions < V3.0.0), SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0) (All versions < V3.0.0), SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0) (All versions < V3.0.0), SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0) (All versions < V3.0.0), SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0) (All versions < V3.0.0), SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0) (All versions < V3.0.0), SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0) (All versions < V3.0.0), SCALANCE WUM763-1 (6GK5763-1AL00-3AA0) (All versions < V3.0.0), SCALANCE WUM763-1 (6GK5763-1AL00-3DA0) (All versions < V3.0.0), SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0) (All versions < V3.0.0), SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0) (All versions < V3.0.0), SCALANCE WUM766-1 (6GK5766-1GE00-3DA0) (All versions < V3.0.0), SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0) (All versions < V3.0.0), SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0) (All versions < V3.0.0). Affected devices do not properly sanitize an input field. This could allow an authenticated remote attacker with administrative privileges to inject code or spawn a system root shell.

13 Nov 2024, 19:59

Type Values Removed Values Added
CPE cpe:2.3:o:siemens:scalance_m874-3_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:siemens:ruggedcom_rm1224_lte\(4g\)_nam_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_mum853-1_\(eu\):-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:ruggedcom_rm1224_lte\(4g\)_nam:-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_m804pb_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_mum853-1_\(a1\):-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_mum856-1_\(b1\):-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_mum856-1_\(cn\):-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_mum856-1_\(row\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_m876-3:-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_mum853-1_\(a1\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_m804pb:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_m876-4_\(eu\):-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_mum856-1_\(eu\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_m816-1_\(annex_b\):-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_m874-2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_m874-3:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:ruggedcom_rm1224_lte\(4g\)_eu:-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_m874-3_\(cn\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_m876-3_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_m816-1_\(annex_a\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_mum856-1_\(a1\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_m876-4:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_m874-2:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_s615_eec:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_m812-1_\(annex_a\):-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_mum853-1_\(eu\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_m812-1_\(annex_b\):-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_mum856-1_\(a1\):-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_m812-1_\(annex_a\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_m812-1_\(annex_b\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_mum856-1_\(cn\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_m874-3_\(cn\):-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_m826-2:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_mum856-1_\(eu\):-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_m876-3_\(rok\):-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_mum856-1_\(b1\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:siemens:ruggedcom_rm1224_lte\(4g\)_eu_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_m816-1_\(annex_a\):-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_s615:-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_s615_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_m876-3_\(rok\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_m876-4_\(nam\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_m876-4_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_mum853-1_\(b1\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_mum856-1_\(row\):-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_m876-4_\(eu\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_m876-4_\(nam\):-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_m826-2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_s615_eec_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_m816-1_\(annex_b\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_mum853-1_\(b1\):-:*:*:*:*:*:*:*
References () https://cert-portal.siemens.com/productcert/html/ssa-354112.html - () https://cert-portal.siemens.com/productcert/html/ssa-354112.html - Patch, Vendor Advisory
CWE CWE-77
First Time Siemens scalance S615
Siemens scalance M876-4 \(eu\) Firmware
Siemens ruggedcom Rm1224 Lte\(4g\) Nam
Siemens scalance S615 Eec
Siemens scalance M874-2
Siemens scalance Mum856-1 \(a1\) Firmware
Siemens scalance Mum856-1 \(eu\)
Siemens scalance Mum856-1 \(b1\) Firmware
Siemens scalance M876-4 \(nam\) Firmware
Siemens scalance S615 Eec Firmware
Siemens scalance M876-4
Siemens scalance M812-1 \(annex B\)
Siemens scalance Mum853-1 \(b1\)
Siemens scalance M876-3 \(rok\)
Siemens scalance Mum856-1 \(eu\) Firmware
Siemens scalance M876-3
Siemens
Siemens scalance M876-4 \(nam\)
Siemens scalance Mum856-1 \(cn\) Firmware
Siemens scalance Mum856-1 \(a1\)
Siemens scalance M804pb
Siemens scalance M876-4 \(eu\)
Siemens scalance M816-1 \(annex A\)
Siemens scalance M874-3
Siemens scalance S615 Firmware
Siemens scalance M812-1 \(annex A\) Firmware
Siemens scalance M812-1 \(annex A\)
Siemens scalance Mum856-1 \(b1\)
Siemens scalance Mum853-1 \(a1\)
Siemens ruggedcom Rm1224 Lte\(4g\) Eu
Siemens scalance M876-3 Firmware
Siemens scalance Mum856-1 \(row\) Firmware
Siemens scalance M816-1 \(annex B\)
Siemens scalance M874-3 \(cn\)
Siemens scalance M812-1 \(annex B\) Firmware
Siemens scalance Mum853-1 \(eu\)
Siemens scalance M874-2 Firmware
Siemens scalance Mum853-1 \(eu\) Firmware
Siemens scalance Mum853-1 \(b1\) Firmware
Siemens scalance M876-3 \(rok\) Firmware
Siemens scalance M816-1 \(annex B\) Firmware
Siemens scalance M826-2 Firmware
Siemens scalance M876-4 Firmware
Siemens ruggedcom Rm1224 Lte\(4g\) Nam Firmware
Siemens scalance M874-3 \(cn\) Firmware
Siemens scalance M804pb Firmware
Siemens scalance Mum856-1 \(cn\)
Siemens ruggedcom Rm1224 Lte\(4g\) Eu Firmware
Siemens scalance Mum856-1 \(row\)
Siemens scalance M816-1 \(annex A\) Firmware
Siemens scalance Mum853-1 \(a1\) Firmware
Siemens scalance M826-2
Siemens scalance M874-3 Firmware
Summary
  • (es) Se ha identificado una vulnerabilidad en RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (Todas las versiones &lt; V8.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (Todas las versiones &lt; V8.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (Todas las versiones &lt; V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (Todas las versiones &lt; V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (Todas las versiones &lt; V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (Todas las versiones &lt; V8.2), Enrutador ADSL SCALANCE M816-1 (6GK5816-1BA00-2AA2) (Todas las versiones &lt; V8.2), Enrutador SHDSL SCALANCE M826-2 (6GK5826-2AB00-2AB2) (Todas las versiones &lt; V8.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (Todas las versiones &lt; V8.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (Todas las versiones &lt; V8.2), Enrutador 3G SCALANCE M874-3 (CN) (6GK5874-3AA00-2FA2) (Todas las versiones &lt; V8.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (Todas las versiones &lt; V8.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (Todas las versiones &lt; V8.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (Todas las versiones &lt; V8.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (Todas las versiones &lt; V8.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (Todas las versiones &lt; V8.2), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (Todas las versiones &lt; V8.2), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (Todas las versiones &lt; V8.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (Todas las versiones &lt; V8.2), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (Todas las versiones &lt; V8.2), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (Todas las versiones &lt; V8.2), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (Todas las versiones &lt; V8.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (Todas las versiones &lt; V8.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (Todas las versiones &lt; V8.2), SCALANCE Enrutador LAN S615 EEC (6GK5615-0AA01-2AA2) (todas las versiones anteriores a la V8.2), enrutador LAN SCALANCE S615 (6GK5615-0AA00-2AA2) (todas las versiones anteriores a la V8.2). Los dispositivos afectados no desinfectan correctamente un campo de entrada. Esto podría permitir que un atacante remoto autenticado con privilegios administrativos inyecte código o genere un shell raíz del sistema.

12 Nov 2024, 13:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-11-12 13:15

Updated : 2025-02-11 11:15

NVD link : CVE-2024-50572

Mitre link : CVE-2024-50572

CVE.ORG link : CVE-2024-50572

JSON object : View

Products Affected

siemens

  • scalance_mum853-1_\(a1\)
  • scalance_m876-4_\(eu\)_firmware
  • scalance_s615_eec_firmware
  • scalance_m876-3_firmware
  • scalance_m812-1_\(annex_b\)
  • scalance_m876-3_\(rok\)
  • scalance_mum853-1_\(b1\)_firmware
  • scalance_m812-1_\(annex_b\)_firmware
  • scalance_mum853-1_\(a1\)_firmware
  • scalance_m876-3_\(rok\)_firmware
  • scalance_m876-4_\(eu\)
  • scalance_mum856-1_\(row\)
  • scalance_m804pb_firmware
  • scalance_mum856-1_\(cn\)_firmware
  • scalance_m804pb
  • scalance_m874-3_\(cn\)
  • scalance_m876-4_\(nam\)
  • scalance_m876-4
  • scalance_mum856-1_\(b1\)
  • scalance_m874-2_firmware
  • scalance_m874-3
  • scalance_m812-1_\(annex_a\)
  • scalance_mum856-1_\(a1\)_firmware
  • scalance_m874-2
  • scalance_m812-1_\(annex_a\)_firmware
  • scalance_mum856-1_\(b1\)_firmware
  • ruggedcom_rm1224_lte\(4g\)_eu
  • scalance_m874-3_firmware
  • scalance_m876-3
  • scalance_mum856-1_\(cn\)
  • scalance_mum856-1_\(eu\)
  • scalance_s615
  • scalance_m874-3_\(cn\)_firmware
  • scalance_mum853-1_\(eu\)_firmware
  • scalance_m816-1_\(annex_a\)_firmware
  • scalance_m876-4_\(nam\)_firmware
  • scalance_mum856-1_\(a1\)
  • scalance_mum853-1_\(b1\)
  • scalance_m876-4_firmware
  • scalance_s615_eec
  • scalance_s615_firmware
  • scalance_mum853-1_\(eu\)
  • scalance_m826-2_firmware
  • scalance_mum856-1_\(eu\)_firmware
  • ruggedcom_rm1224_lte\(4g\)_nam_firmware
  • scalance_mum856-1_\(row\)_firmware
  • scalance_m816-1_\(annex_b\)
  • scalance_m826-2
  • scalance_m816-1_\(annex_a\)
  • ruggedcom_rm1224_lte\(4g\)_nam
  • ruggedcom_rm1224_lte\(4g\)_eu_firmware
  • scalance_m816-1_\(annex_b\)_firmware
CWE
CWE-74

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

CWE-77

Improper Neutralization of Special Elements used in a Command ('Command Injection')