CVE-2024-41976

HIGH EPSS 50.9%
Published Aug 13, 20241y ago · Modified Jun 17, 20262w ago
8.6 CVSS 4.0
High
Find Similar
Published Aug 13, 2024 1y ago
Last Modified Jun 17, 2026 2w ago

Description

A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.1), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.1), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V8.1), SCALANCE M812-1 ADSL-Router family (All versions < V8.1), SCALANCE M816-1 ADSL-Router family (All versions < V8.1), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V8.1), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V8.1), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V8.1), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions < V8.1), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V8.1), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V8.1), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V8.1), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V8.1), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V8.1), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions < V8.1), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions < V8.1), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V8.1), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions < V8.1), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions < V8.1), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions < V8.1), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V8.1), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V8.1), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V8.1), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V8.1). Affected devices do not properly validate input in specific VPN configuration fields. This could allow an authenticated remote attacker to execute arbitrary code on the device.

CVSS Details

Base Score
8.6
Exploitability
Impact
Vector string
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector Network
Attack Complexity Low
Privileges Required High
User Interaction None
Scope X

Threat Intelligence

EPSS Exploit Probability
50.9% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 1

CWE-20 Improper Input Validation Validation

Affected Products 52

VendorProductVersionRange
siemensruggedcom_rm1224_lte\(4g\)_eu_firmware* <8.1
siemensruggedcom_rm1224_lte\(4g\)_eu*any
siemensruggedcom_rm1224_lte\(4g\)_nam_firmware* <8.1
siemensruggedcom_rm1224_lte\(4g\)_nam*any
siemensscalance_m804pb_firmware* <8.1
siemensscalance_m804pb*any
siemensscalance_m826-2_shdsl-router_firmware* <8.1
siemensscalance_m826-2_shdsl-router*any
siemensscalance_m874-2_firmware* <8.1
siemensscalance_m874-2*any
siemensscalance_m874-3_firmware* <8.1
siemensscalance_m874-3*any
siemensscalance_m876-3_firmware* <8.1
siemensscalance_m876-3*any
siemensscalance_m876-4_firmware* <8.1
siemensscalance_m876-4*any
siemensscalance_m874-3_3g-router_\(cn\)_firmware* <8.1
siemensscalance_m874-3_3g-router_\(cn\)*any
siemensscalance_m876-3_\(rok\)_firmware* <8.1
siemensscalance_m876-3_\(rok\)*any
siemensscalance_m876-4_\(eu\)_firmware* <8.1
siemensscalance_m876-4_\(eu\)*any
siemensscalance_m876-4_\(nam\)_firmware* <8.1
siemensscalance_m876-4_\(nam\)*any
siemensscalance_mum853-1_\(a1\)_firmware* <8.1
siemensscalance_mum853-1_\(a1\)*any
siemensscalance_mum853-1_\(b1\)_firmware* <8.1
siemensscalance_mum853-1_\(b1\)*any
siemensscalance_mum853-1_\(eu\)_firmware* <8.1
siemensscalance_mum853-1_\(eu\)*any
siemensscalance_mum856-1_\(a1\)_firmware* <8.1
siemensscalance_mum856-1_\(a1\)*any
siemensscalance_mum856-1_\(b1\)_firmware* <8.1
siemensscalance_mum856-1_\(b1\)*any
siemensscalance_mum856-1_\(cn\)_firmware* <8.1
siemensscalance_mum856-1_\(cn\)*any
siemensscalance_mum856-1_\(eu\)_firmware* <8.1
siemensscalance_mum856-1_\(eu\)*any
siemensscalance_mum856-1_\(row\)_firmware* <8.1
siemensscalance_mum856-1_\(row\)*any
siemensscalance_s615_eec_lan-router_firmware* <8.1
siemensscalance_s615_eec_lan-router*any
siemensscalance_s615_lan-router_firmware* <8.1
siemensscalance_s615_lan-router*any
siemensscalance_m812-1_\(annex_a\)_firmware* <8.1
siemensscalance_m812-1_\(annex_a\)*any
siemensscalance_m812-1_\(annex_b\)_firmware* <8.1
siemensscalance_m812-1_\(annex_b\)*any
siemensscalance_m816-1_\(annex_a\)_firmware* <8.1
siemensscalance_m816-1_\(annex_a\)*any
siemensscalance_m816-1_\(annex_b\)_firmware* <8.1
siemensscalance_m816-1_\(annex_b\)*any

References 1

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.