ID
VAR-202512-0224
CVE
CVE-2024-56835
DESCRIPTION
A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.17.0), RUGGEDCOM ROX MX5000RE (All versions < V2.17.0), RUGGEDCOM ROX RX1400 (All versions < V2.17.0), RUGGEDCOM ROX RX1500 (All versions < V2.17.0), RUGGEDCOM ROX RX1501 (All versions < V2.17.0), RUGGEDCOM ROX RX1510 (All versions < V2.17.0), RUGGEDCOM ROX RX1511 (All versions < V2.17.0), RUGGEDCOM ROX RX1512 (All versions < V2.17.0), RUGGEDCOM ROX RX1524 (All versions < V2.17.0), RUGGEDCOM ROX RX1536 (All versions < V2.17.0), RUGGEDCOM ROX RX5000 (All versions < V2.17.0). The DHCP Server configuration file of the affected products is subject to code injection. An attacker could leverage this vulnerability to spawn a reverse shell and gain root access on the affected system.
Trust: 1.0
AFFECTED PRODUCTS
| vendor: | siemens | model: | ruggedcom rox ii | scope: | lt | version: | 2.17.0 | Trust: 1.0 |
CVSS
SEVERITY | CVSSV2 | CVSSV3 | ||||||||||||||||||||||||||||||||||||
|
|
PROBLEMTYPE DATA
| problemtype: | CWE-74 | Trust: 1.0 |
EXTERNAL IDS
| db: | SIEMENS | id: | SSA-912274 | Trust: 1.0 |
| db: | NVD | id: | CVE-2024-56835 | Trust: 1.0 |
REFERENCES
| url: | https://cert-portal.siemens.com/productcert/html/ssa-912274.html | Trust: 1.0 |
SOURCES
| db: | NVD | id: | CVE-2024-56835 |
LAST UPDATE DATE
2026-01-14T23:31:03.761000+00:00
SOURCES UPDATE DATE
| db: | NVD | id: | CVE-2024-56835 | date: | 2026-01-13T10:15:56.650 |
SOURCES RELEASE DATE
| db: | NVD | id: | CVE-2024-56835 | date: | 2025-12-09T16:17:28.580 |