CVE-2024-50560

LOW EPSS 19.0%
Published Nov 12, 20241y ago · Modified Jun 17, 20262w ago
2.3 CVSS 4.0
Low
Find Similar
Published Nov 12, 2024 1y ago
Last Modified Jun 17, 2026 2w ago

Description

A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions < V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions < V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions < V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions < V8.2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V8.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V8.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V8.2), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions < V8.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V8.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V8.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V8.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V8.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V8.2), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions < V8.2), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions < V8.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V8.2), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions < V8.2), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions < V8.2), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions < V8.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V8.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V8.2), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V8.2), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V8.2), SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0) (All versions < V3.0.0), SCALANCE WAM763-1 (6GK5763-1AL00-7DA0) (All versions < V3.0.0), SCALANCE WAM763-1 (ME) (6GK5763-1AL00-7DC0) (All versions < V3.0.0), SCALANCE WAM763-1 (US) (6GK5763-1AL00-7DB0) (All versions < V3.0.0), SCALANCE WAM766-1 (6GK5766-1GE00-7DA0) (All versions < V3.0.0), SCALANCE WAM766-1 (ME) (6GK5766-1GE00-7DC0) (All versions < V3.0.0), SCALANCE WAM766-1 (US) (6GK5766-1GE00-7DB0) (All versions < V3.0.0), SCALANCE WAM766-1 EEC (6GK5766-1GE00-7TA0) (All versions < V3.0.0), SCALANCE WAM766-1 EEC (ME) (6GK5766-1GE00-7TC0) (All versions < V3.0.0), SCALANCE WAM766-1 EEC (US) (6GK5766-1GE00-7TB0) (All versions < V3.0.0), SCALANCE WUB762-1 (6GK5762-1AJ00-1AA0) (All versions < V3.0.0), SCALANCE WUB762-1 iFeatures (6GK5762-1AJ00-2AA0) (All versions < V3.0.0), SCALANCE WUM763-1 (6GK5763-1AL00-3AA0) (All versions < V3.0.0), SCALANCE WUM763-1 (6GK5763-1AL00-3DA0) (All versions < V3.0.0), SCALANCE WUM763-1 (US) (6GK5763-1AL00-3AB0) (All versions < V3.0.0), SCALANCE WUM763-1 (US) (6GK5763-1AL00-3DB0) (All versions < V3.0.0), SCALANCE WUM766-1 (6GK5766-1GE00-3DA0) (All versions < V3.0.0), SCALANCE WUM766-1 (ME) (6GK5766-1GE00-3DC0) (All versions < V3.0.0), SCALANCE WUM766-1 (USA) (6GK5766-1GE00-3DB0) (All versions < V3.0.0). Affected devices truncates usernames longer than 15 characters when accessed via SSH or Telnet. This could allow an attacker to compromise system integrity.

CVSS Details

Base Score
2.3
Exploitability
Impact
Vector string
CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector Network
Attack Complexity High
Privileges Required Low
User Interaction None
Scope X

Threat Intelligence

EPSS Exploit Probability
19.0% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-20 Improper Input Validation Validation

Affected Products 52

VendorProductVersionRange
siemensruggedcom_rm1224_lte\(4g\)_eu_firmware* <8.2
siemensruggedcom_rm1224_lte\(4g\)_eu*any
siemensruggedcom_rm1224_lte\(4g\)_nam_firmware* <8.2
siemensruggedcom_rm1224_lte\(4g\)_nam*any
siemensscalance_m804pb_firmware* <8.2
siemensscalance_m804pb*any
siemensscalance_m812-1_\(annex_a\)_firmware* <8.2
siemensscalance_m812-1_\(annex_a\)*any
siemensscalance_m812-1_\(annex_b\)_firmware* <8.2
siemensscalance_m812-1_\(annex_b\)*any
siemensscalance_m816-1_\(annex_a\)_firmware* <8.2
siemensscalance_m816-1_\(annex_a\)*any
siemensscalance_m816-1_\(annex_b\)_firmware* <8.2
siemensscalance_m816-1_\(annex_b\)*any
siemensscalance_m826-2_firmware* <8.2
siemensscalance_m826-2*any
siemensscalance_m874-2_firmware* <8.2
siemensscalance_m874-2*any
siemensscalance_m874-3_firmware* <8.2
siemensscalance_m874-3*any
siemensscalance_m874-3_\(cn\)_firmware* <8.2
siemensscalance_m874-3_\(cn\)*any
siemensscalance_m876-3_firmware* <8.2
siemensscalance_m876-3*any
siemensscalance_m876-3_\(rok\)_firmware* <8.2
siemensscalance_m876-3_\(rok\)*any
siemensscalance_m876-4_firmware* <8.2
siemensscalance_m876-4*any
siemensscalance_m876-4_\(eu\)_firmware* <8.2
siemensscalance_m876-4_\(eu\)*any
siemensscalance_m876-4_\(nam\)_firmware* <8.2
siemensscalance_m876-4_\(nam\)*any
siemensscalance_mum853-1_\(a1\)_firmware* <8.2
siemensscalance_mum853-1_\(a1\)*any
siemensscalance_mum853-1_\(b1\)_firmware* <8.2
siemensscalance_mum853-1_\(b1\)*any
siemensscalance_mum853-1_\(eu\)_firmware* <8.2
siemensscalance_mum853-1_\(eu\)*any
siemensscalance_mum856-1_\(a1\)_firmware* <8.2
siemensscalance_mum856-1_\(a1\)*any
siemensscalance_mum856-1_\(b1\)_firmware* <8.2
siemensscalance_mum856-1_\(b1\)*any
siemensscalance_mum856-1_\(cn\)_firmware* <8.2
siemensscalance_mum856-1_\(cn\)*any
siemensscalance_mum856-1_\(eu\)_firmware* <8.2
siemensscalance_mum856-1_\(eu\)*any
siemensscalance_mum856-1_\(row\)_firmware* <8.2
siemensscalance_mum856-1_\(row\)*any
siemensscalance_s615_eec_firmware* <8.2
siemensscalance_s615_eec*any
siemensscalance_s615_firmware* <8.2
siemensscalance_s615*any

References 2

Remediation