ID
VAR-202512-0220
CVE
CVE-2024-56838
DESCRIPTION
A vulnerability has been identified in RUGGEDCOM ROX II family (All versions < V2.17.0). The SCEP client available in the affected device for secure certificate enrollment lacks validation of multiple fields. An attacker could leverage this scenario to execute arbitrary code as root user.
Trust: 1.0
sources:
NVD: CVE-2024-56838
AFFECTED PRODUCTS
| vendor: | siemens | model: | ruggedcom rox ii | scope: | lt | version: | 2.17.0 | Trust: 1.0 |
sources:
NVD: CVE-2024-56838
CVSS
SEVERITY | CVSSV2 | CVSSV3 | ||||||||||||||||||||||||||||||||||||
|
|
sources:
NVD: CVE-2024-56838
PROBLEMTYPE DATA
| problemtype: | CWE-74 | Trust: 1.0 |
sources:
NVD: CVE-2024-56838
EXTERNAL IDS
| db: | SIEMENS | id: | SSA-912274 | Trust: 1.0 |
| db: | NVD | id: | CVE-2024-56838 | Trust: 1.0 |
sources:
NVD: CVE-2024-56838
REFERENCES
| url: | https://cert-portal.siemens.com/productcert/html/ssa-912274.html | Trust: 1.0 |
sources:
NVD: CVE-2024-56838
SOURCES
| db: | NVD | id: | CVE-2024-56838 |
LAST UPDATE DATE
2025-12-18T19:40:06.720000+00:00
SOURCES UPDATE DATE
| db: | NVD | id: | CVE-2024-56838 | date: | 2025-12-11T15:58:07.083 |
SOURCES RELEASE DATE
| db: | NVD | id: | CVE-2024-56838 | date: | 2025-12-09T16:17:29.120 |