TROYANOSYVIRUS
Retour aux CVEs

CVE-2024-50559

MEDIUM
4.3

Description

A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions < V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions < V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions < V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions < V8.2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V8.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V8.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V8.2), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions < V8.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V8.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V8.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V8.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V8.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V8.2), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions < V8.2), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions < V8.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V8.2), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions < V8.2), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions < V8.2), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions < V8.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V8.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V8.2), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V8.2), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V8.2). Affected devices do not properly validate the filenames of the certificate. This could allow an authenticated remote attacker to append arbitrary values which will lead to compromise of integrity of the system.

Details CVE

Score CVSS v3.14.3
SeveriteMEDIUM
Vecteur CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
Vecteur d'attaqueNETWORK
ComplexiteLOW
Privileges requisNONE
Interaction utilisateurREQUIRED
Publie11/12/2024
Derniere modification11/13/2024
Sourcenvd
Observations honeypot0

Produits affectes

siemens:ruggedcom_rm1224_lte\(4g\)_eusiemens:ruggedcom_rm1224_lte\(4g\)_eu_firmwaresiemens:ruggedcom_rm1224_lte\(4g\)_namsiemens:ruggedcom_rm1224_lte\(4g\)_nam_firmwaresiemens:scalance_m804pbsiemens:scalance_m804pb_firmwaresiemens:scalance_m812-1_\(annex_a\)siemens:scalance_m812-1_\(annex_a\)_firmwaresiemens:scalance_m812-1_\(annex_b\)siemens:scalance_m812-1_\(annex_b\)_firmwaresiemens:scalance_m816-1_\(annex_a\)siemens:scalance_m816-1_\(annex_a\)_firmwaresiemens:scalance_m816-1_\(annex_b\)siemens:scalance_m816-1_\(annex_b\)_firmwaresiemens:scalance_m826-2siemens:scalance_m826-2_firmwaresiemens:scalance_m874-2siemens:scalance_m874-2_firmwaresiemens:scalance_m874-3siemens:scalance_m874-3_\(cn\)siemens:scalance_m874-3_\(cn\)_firmwaresiemens:scalance_m874-3_firmwaresiemens:scalance_m876-3siemens:scalance_m876-3_\(rok\)siemens:scalance_m876-3_\(rok\)_firmwaresiemens:scalance_m876-3_firmwaresiemens:scalance_m876-4siemens:scalance_m876-4_\(eu\)siemens:scalance_m876-4_\(eu\)_firmwaresiemens:scalance_m876-4_\(nam\)siemens:scalance_m876-4_\(nam\)_firmwaresiemens:scalance_m876-4_firmwaresiemens:scalance_mum853-1_\(a1\)siemens:scalance_mum853-1_\(a1\)_firmwaresiemens:scalance_mum853-1_\(b1\)siemens:scalance_mum853-1_\(b1\)_firmwaresiemens:scalance_mum853-1_\(eu\)siemens:scalance_mum853-1_\(eu\)_firmwaresiemens:scalance_mum856-1_\(a1\)siemens:scalance_mum856-1_\(a1\)_firmwaresiemens:scalance_mum856-1_\(b1\)siemens:scalance_mum856-1_\(b1\)_firmwaresiemens:scalance_mum856-1_\(cn\)siemens:scalance_mum856-1_\(cn\)_firmwaresiemens:scalance_mum856-1_\(eu\)siemens:scalance_mum856-1_\(eu\)_firmwaresiemens:scalance_mum856-1_\(row\)siemens:scalance_mum856-1_\(row\)_firmwaresiemens:scalance_s615siemens:scalance_s615_eecsiemens:scalance_s615_eec_firmwaresiemens:scalance_s615_firmware

Faiblesses (CWE)

CWE-22

References

https://cert-portal.siemens.com/productcert/html/ssa-354112.html(productcert@siemens.com)

Correlations IOC

Aucune correlation enregistree

This product uses data from the NVD API but is not endorsed or certified by the NVD.