CVE-2024-50557

HIGH EPSS 54.2%
Published Nov 12, 20241y ago · Modified Jun 17, 20261w ago
8.6 CVSS 4.0
High
Find Similar
Published Nov 12, 2024 1y ago
Last Modified Jun 17, 2026 1w ago

Description

A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions < V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions < V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions < V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions < V8.2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V8.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V8.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V8.2), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions < V8.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V8.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V8.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V8.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V8.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V8.2), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions < V8.2), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions < V8.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V8.2), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions < V8.2), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions < V8.2), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions < V8.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V8.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V8.2), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V8.2), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V8.2). Affected devices do not properly validate input in configuration fields of the iperf functionality. This could allow an unauthenticated remote attacker to execute arbitrary code on the device.

CVSS Details

Base Score
8.6
Exploitability
Impact
Vector string
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector Network
Attack Complexity Low
Privileges Required High
User Interaction None
Scope X

Threat Intelligence

EPSS Exploit Probability
54.2% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-20 Improper Input Validation Validation

Affected Products 52

VendorProductVersionRange
siemensruggedcom_rm1224_lte\(4g\)_eu_firmware* <8.2
siemensruggedcom_rm1224_lte\(4g\)_eu*any
siemensruggedcom_rm1224_lte\(4g\)_nam_firmware* <8.2
siemensruggedcom_rm1224_lte\(4g\)_nam*any
siemensscalance_m804pb_firmware* <8.2
siemensscalance_m804pb*any
siemensscalance_m812-1_\(annex_a\)_firmware* <8.2
siemensscalance_m812-1_\(annex_a\)*any
siemensscalance_m812-1_\(annex_b\)_firmware* <8.2
siemensscalance_m812-1_\(annex_b\)*any
siemensscalance_m816-1_\(annex_a\)_firmware* <8.2
siemensscalance_m816-1_\(annex_a\)*any
siemensscalance_m816-1_\(annex_b\)_firmware* <8.2
siemensscalance_m816-1_\(annex_b\)*any
siemensscalance_m826-2_firmware* <8.2
siemensscalance_m826-2*any
siemensscalance_m874-2_firmware* <8.2
siemensscalance_m874-2*any
siemensscalance_m874-3_firmware* <8.2
siemensscalance_m874-3*any
siemensscalance_m874-3_\(cn\)_firmware* <8.2
siemensscalance_m874-3_\(cn\)*any
siemensscalance_m876-3_firmware* <8.2
siemensscalance_m876-3*any
siemensscalance_m876-3_\(rok\)_firmware* <8.2
siemensscalance_m876-3_\(rok\)*any
siemensscalance_m876-4_firmware* <8.2
siemensscalance_m876-4*any
siemensscalance_m876-4_\(eu\)_firmware* <8.2
siemensscalance_m876-4_\(eu\)*any
siemensscalance_m876-4_\(nam\)_firmware* <8.2
siemensscalance_m876-4_\(nam\)*any
siemensscalance_mum853-1_\(a1\)_firmware* <8.2
siemensscalance_mum853-1_\(a1\)*any
siemensscalance_mum853-1_\(b1\)_firmware* <8.2
siemensscalance_mum853-1_\(b1\)*any
siemensscalance_mum853-1_\(eu\)_firmware* <8.2
siemensscalance_mum853-1_\(eu\)*any
siemensscalance_mum856-1_\(a1\)_firmware* <8.2
siemensscalance_mum856-1_\(a1\)*any
siemensscalance_mum856-1_\(b1\)_firmware* <8.2
siemensscalance_mum856-1_\(b1\)*any
siemensscalance_mum856-1_\(cn\)_firmware* <8.2
siemensscalance_mum856-1_\(cn\)*any
siemensscalance_mum856-1_\(eu\)_firmware* <8.2
siemensscalance_mum856-1_\(eu\)*any
siemensscalance_mum856-1_\(row\)_firmware* <8.2
siemensscalance_mum856-1_\(row\)*any
siemensscalance_s615_eec_firmware* <8.2
siemensscalance_s615_eec*any
siemensscalance_s615_firmware* <8.2
siemensscalance_s615*any

References 1

Remediation