ID
VAR-202512-0221
CVE
CVE-2024-56837
DESCRIPTION
A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.17.0), RUGGEDCOM ROX MX5000RE (All versions < V2.17.0), RUGGEDCOM ROX RX1400 (All versions < V2.17.0), RUGGEDCOM ROX RX1500 (All versions < V2.17.0), RUGGEDCOM ROX RX1501 (All versions < V2.17.0), RUGGEDCOM ROX RX1510 (All versions < V2.17.0), RUGGEDCOM ROX RX1511 (All versions < V2.17.0), RUGGEDCOM ROX RX1512 (All versions < V2.17.0), RUGGEDCOM ROX RX1524 (All versions < V2.17.0), RUGGEDCOM ROX RX1536 (All versions < V2.17.0), RUGGEDCOM ROX RX5000 (All versions < V2.17.0). Due to the insufficient validation during the installation and load of certain configuration files of the affected device, an attacker could spawn a reverse shell and gain root access on the affected system.
Trust: 1.0
AFFECTED PRODUCTS
| vendor: | siemens | model: | ruggedcom rox ii | scope: | lt | version: | 2.17.0 | Trust: 1.0 |
CVSS
SEVERITY | CVSSV2 | CVSSV3 | ||||||||||||||||||||||||||||||||||||
|
|
PROBLEMTYPE DATA
| problemtype: | CWE-77 | Trust: 1.0 |
EXTERNAL IDS
| db: | SIEMENS | id: | SSA-912274 | Trust: 1.0 |
| db: | NVD | id: | CVE-2024-56837 | Trust: 1.0 |
REFERENCES
| url: | https://cert-portal.siemens.com/productcert/html/ssa-912274.html | Trust: 1.0 |
SOURCES
| db: | NVD | id: | CVE-2024-56837 |
LAST UPDATE DATE
2026-01-14T23:31:03.784000+00:00
SOURCES UPDATE DATE
| db: | NVD | id: | CVE-2024-56837 | date: | 2026-01-13T10:15:56.970 |
SOURCES RELEASE DATE
| db: | NVD | id: | CVE-2024-56837 | date: | 2025-12-09T16:17:28.940 |