CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-56838

A vulnerability has been identified in RUGGEDCOM ROX II family (All versions < V2.17.0). The SCEP client available in the affected device for secure certificate enrollment lacks validation of multiple fields. An attacker could leverage this scenario to execute arbitrary code as root user.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 12.4%

CVSS Severity

CVSS v3 Score 7.2

References

https://cert-portal.siemens.com/productcert/html/ssa-912274.html

Products affected by CVE-2024-56838

Siemens » Ruggedcom Rox Ii » Version: N/A

cpe:2.3:h:siemens:ruggedcom_rox_ii:-
Siemens » Ruggedcom Rox Ii Firmware » Version: N/A

cpe:2.3:o:siemens:ruggedcom_rox_ii_firmware:-
Siemens » Ruggedcom Rox Ii Firmware » Version: 2.10.0

cpe:2.3:o:siemens:ruggedcom_rox_ii_firmware:2.10.0
Siemens » Ruggedcom Rox Ii Firmware » Version: 2.11.0

cpe:2.3:o:siemens:ruggedcom_rox_ii_firmware:2.11.0
Siemens » Ruggedcom Rox Ii Firmware » Version: 2.13.0

cpe:2.3:o:siemens:ruggedcom_rox_ii_firmware:2.13.0
Siemens » Ruggedcom Rox Ii Firmware » Version: 2.13.3

cpe:2.3:o:siemens:ruggedcom_rox_ii_firmware:2.13.3
Siemens » Ruggedcom Rox Ii Firmware » Version: 2.9.0

cpe:2.3:o:siemens:ruggedcom_rox_ii_firmware:2.9.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-56838

Products

Pricing

Contact Us