ID
VAR-202508-2142
TITLE
Multiple vulnerabilities in Siemens SINEC OS third-party components
Trust: 0.6
sources:
CNVD: CNVD-2025-19346
DESCRIPTION
The RUGGEDCOM RST2428P is a Layer 2 Ethernet switch based on the SINEC operating system with up to 28 non-blocking interfaces. SCALANCE X switches are used to connect industrial components such as programmable logic controllers (PLCs) or human-machine interfaces (HMIs). Multiple vulnerabilities in third-party components of Siemens' SINEC OS could allow attackers to gain control of the server.
Trust: 0.6
sources:
CNVD: CNVD-2025-19346
IOT TAXONOMY
| category: | ['Network device'] | sub_category: | - | Trust: 0.6 |
sources:
CNVD: CNVD-2025-19346
AFFECTED PRODUCTS
| vendor: | siemens | model: | ruggedcom rst2428p | scope: | lt | version: | v3.1 | Trust: 0.6 |
| vendor: | siemens | model: | scalance xc-300/xr-300/xc-400/xr-500wg/xr-500 family | scope: | lt | version: | v3.1 | Trust: 0.6 |
| vendor: | siemens | model: | scalance xcm-/xrm-/xch-/xrh-300 family | scope: | lt | version: | v3.1 | Trust: 0.6 |
sources:
CNVD: CNVD-2025-19346
CVSS
SEVERITY | CVSSV2 | CVSSV3 | ||||||||||||||||||||||||||||||||||||||||||
|
|
sources:
CNVD: CNVD-2025-19346
PATCH
| title: | Patch for Multiple vulnerabilities in Siemens SINEC OS third-party components | url: | https://www.cnvd.org.cn/patchInfo/show/723071 | Trust: 0.6 |
sources:
CNVD: CNVD-2025-19346
EXTERNAL IDS
| db: | SIEMENS | id: | SSA-613116 | Trust: 0.6 |
| db: | CNVD | id: | CNVD-2025-19346 | Trust: 0.6 |
sources:
CNVD: CNVD-2025-19346
REFERENCES
| url: | https://cert-portal.siemens.com/productcert/html/ssa-613116.html | Trust: 0.6 |
sources:
CNVD: CNVD-2025-19346
SOURCES
| db: | CNVD | id: | CNVD-2025-19346 |
LAST UPDATE DATE
2025-08-25T23:28:52.052000+00:00
SOURCES UPDATE DATE
| db: | CNVD | id: | CNVD-2025-19346 | date: | 2025-08-22T00:00:00 |
SOURCES RELEASE DATE
| db: | CNVD | id: | CNVD-2025-19346 | date: | 2025-08-12T00:00:00 |