← Retour aux CVEs
CVE-2024-27941
HIGH8.8
Description
A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.5). The affected client systems do not properly sanitize input data before sending it to the SQL server. An attacker could use this vulnerability to compromise the whole database.
Details CVE
Score CVSS v3.18.8
SeveriteHIGH
Vecteur CVSSCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vecteur d'attaqueNETWORK
ComplexiteLOW
Privileges requisLOW
Interaction utilisateurNONE
Publie5/14/2024
Derniere modification2/6/2025
Sourcenvd
Observations honeypot0
Produits affectes
siemens:ruggedcom_crossbow
Faiblesses (CWE)
CWE-89
References
https://cert-portal.siemens.com/productcert/html/ssa-916916.html(productcert@siemens.com)
https://cert-portal.siemens.com/productcert/html/ssa-916916.html(af854a3a-2127-422b-91ae-364da2661108)
Correlations IOC
Aucune correlation enregistree
This product uses data from the NVD API but is not endorsed or certified by the NVD.