Published: 14/09/2021 Updated: 14/12/2021

CVSS v2 Base Score: 9 | Impact Score: 10 | Exploitability Score: 8

CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8

VMScore: 801

Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C

A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.14.1), RUGGEDCOM ROX RX1400 (All versions < V2.14.1), RUGGEDCOM ROX RX1500 (All versions < V2.14.1), RUGGEDCOM ROX RX1501 (All versions < V2.14.1), RUGGEDCOM ROX RX1510 (All versions < V2.14.1), RUGGEDCOM ROX RX1511 (All versions < V2.14.1), RUGGEDCOM ROX RX1512 (All versions < V2.14.1), RUGGEDCOM ROX RX1524 (All versions < V2.14.1), RUGGEDCOM ROX RX1536 (All versions < V2.14.1), RUGGEDCOM ROX RX5000 (All versions < V2.14.1). The command line interface of affected devices insufficiently restrict file read and write operations for low privileged users. This could allow an authenticated remote malicious user to escalate privileges and gain root access to the device.

Vulnerable Product	Search on Vulmon	Subscribe to Product
siemens ruggedcom_rox_rx1400_firmware
siemens ruggedcom_rox_mx5000_firmware
siemens ruggedcom_rox_rx1500_firmware
siemens ruggedcom_rox_rx1501_firmware
siemens ruggedcom_rox_rx1510_firmware
siemens ruggedcom_rox_rx1511_firmware
siemens ruggedcom_rox_rx1512_firmware
siemens ruggedcom_rox_rx1524_firmware
siemens ruggedcom_rox_rx1536_firmware
siemens ruggedcom_rox_rx5000_firmware

CWE-269 https://cert-portal.siemens.com/productcert/pdf/ssa-150692.pdf https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2021-37173

Vulnerability Summary

Vulnerability Trend

References

Vulmon Search

About

Products

Connect