CVE-2024-41976

A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.1), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.1), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V8.1), SCALANCE M812-1 ADSL-Router family (All versions < V8.1), SCALANCE M816-1 ADSL-Router family (All versions < V8.1), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V8.1), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V8.1), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V8.1), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions < V8.1), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V8.1), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V8.1), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V8.1), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V8.1), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V8.1), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions < V8.1), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions < V8.1), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V8.1), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions < V8.1), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions < V8.1), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions < V8.1), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V8.1), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V8.1), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V8.1), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V8.1). Affected devices do not properly validate input in specific VPN configuration fields. This could allow an authenticated remote attacker to execute arbitrary code on the device.
References
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:siemens:ruggedcom_rm1224_lte\(4g\)_eu_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:ruggedcom_rm1224_lte\(4g\)_eu:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:siemens:ruggedcom_rm1224_lte\(4g\)_nam_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:ruggedcom_rm1224_lte\(4g\)_nam:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:siemens:scalance_m804pb_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_m804pb:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:siemens:scalance_m826-2_shdsl-router_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_m826-2_shdsl-router:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:siemens:scalance_m874-2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_m874-2:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:siemens:scalance_m874-3_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_m874-3:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:siemens:scalance_m876-3_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_m876-3:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:siemens:scalance_m876-4_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_m876-4:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:siemens:scalance_m874-3_3g-router_\(cn\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_m874-3_3g-router_\(cn\):-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:siemens:scalance_m876-3_\(rok\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_m876-3_\(rok\):-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:siemens:scalance_m876-4_\(eu\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_m876-4_\(eu\):-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:siemens:scalance_m876-4_\(nam\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_m876-4_\(nam\):-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:siemens:scalance_mum853-1_\(a1\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_mum853-1_\(a1\):-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND
cpe:2.3:o:siemens:scalance_mum853-1_\(b1\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_mum853-1_\(b1\):-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND
cpe:2.3:o:siemens:scalance_mum853-1_\(eu\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_mum853-1_\(eu\):-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND
cpe:2.3:o:siemens:scalance_mum856-1_\(a1\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_mum856-1_\(a1\):-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND
cpe:2.3:o:siemens:scalance_mum856-1_\(b1\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_mum856-1_\(b1\):-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND
cpe:2.3:o:siemens:scalance_mum856-1_\(cn\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_mum856-1_\(cn\):-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND
cpe:2.3:o:siemens:scalance_mum856-1_\(eu\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_mum856-1_\(eu\):-:*:*:*:*:*:*:*

Configuration 20 (hide)

AND
cpe:2.3:o:siemens:scalance_mum856-1_\(row\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_mum856-1_\(row\):-:*:*:*:*:*:*:*

Configuration 21 (hide)

AND
cpe:2.3:o:siemens:scalance_s615_eec_lan-router_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_s615_eec_lan-router:-:*:*:*:*:*:*:*

Configuration 22 (hide)

AND
cpe:2.3:o:siemens:scalance_s615_lan-router_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_s615_lan-router:-:*:*:*:*:*:*:*

Configuration 23 (hide)

AND
cpe:2.3:o:siemens:scalance_m812-1_\(annex_a\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_m812-1_\(annex_a\):-:*:*:*:*:*:*:*

Configuration 24 (hide)

AND
cpe:2.3:o:siemens:scalance_m812-1_\(annex_b\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_m812-1_\(annex_b\):-:*:*:*:*:*:*:*

Configuration 25 (hide)

AND
cpe:2.3:o:siemens:scalance_m816-1_\(annex_a\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_m816-1_\(annex_a\):-:*:*:*:*:*:*:*

Configuration 26 (hide)

AND
cpe:2.3:o:siemens:scalance_m816-1_\(annex_b\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_m816-1_\(annex_b\):-:*:*:*:*:*:*:*

History

23 Aug 2024, 18:40

Type Values Removed Values Added
CVSS v2 : unknown
v3 : 7.2
v2 : unknown
v3 : 8.8
CPE cpe:2.3:h:siemens:scalance_mum856-1_\(cn\):-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_m876-3_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_m874-3_3g-router_\(cn\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_m876-3_\(rok\):-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_s615_eec_lan-router_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_m816-1_\(annex_b\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_m874-3_3g-router_\(cn\):-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_mum856-1_\(b1\):-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_m876-4_\(eu\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_mum856-1_\(eu\):-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_mum856-1_\(row\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_m812-1_\(annex_b\):-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:ruggedcom_rm1224_lte\(4g\)_nam:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:ruggedcom_rm1224_lte\(4g\)_eu:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_m876-4:-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_m804pb_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_m816-1_\(annex_a\):-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_m876-3:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_mum853-1_\(eu\):-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_mum856-1_\(cn\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_m812-1_\(annex_b\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_mum856-1_\(a1\):-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_m812-1_\(annex_a\):-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_m812-1_\(annex_a\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:siemens:ruggedcom_rm1224_lte\(4g\)_eu_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_mum853-1_\(b1\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_m816-1_\(annex_b\):-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_m876-4_\(nam\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_mum856-1_\(row\):-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_mum853-1_\(a1\):-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_m876-4_\(nam\):-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_mum853-1_\(eu\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_s615_lan-router:-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_mum856-1_\(eu\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_mum856-1_\(a1\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_s615_eec_lan-router:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_m804pb:-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_m874-2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_m876-4_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_m826-2_shdsl-router_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:siemens:ruggedcom_rm1224_lte\(4g\)_nam_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_s615_lan-router_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_m874-3:-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_m876-3_\(rok\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_mum856-1_\(b1\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_mum853-1_\(a1\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_m874-2:-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_m816-1_\(annex_a\)_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_m876-4_\(eu\):-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_mum853-1_\(b1\):-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:scalance_m874-3_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_m826-2_shdsl-router:-:*:*:*:*:*:*:*
CWE NVD-CWE-noinfo
First Time Siemens scalance M874-3 3g-router \(cn\) Firmware
Siemens scalance Mum853-1 \(eu\) Firmware
Siemens scalance Mum853-1 \(b1\)
Siemens scalance M876-4 \(nam\) Firmware
Siemens scalance M874-3 3g-router \(cn\)
Siemens scalance Mum856-1 \(a1\) Firmware
Siemens scalance Mum856-1 \(cn\) Firmware
Siemens scalance M874-2 Firmware
Siemens scalance M874-3 Firmware
Siemens scalance Mum856-1 \(b1\) Firmware
Siemens scalance M812-1 \(annex B\) Firmware
Siemens scalance M876-3 \(rok\) Firmware
Siemens scalance M816-1 \(annex A\) Firmware
Siemens scalance M812-1 \(annex A\) Firmware
Siemens scalance M812-1 \(annex A\)
Siemens scalance Mum853-1 \(a1\)
Siemens scalance Mum856-1 \(a1\)
Siemens scalance M874-2
Siemens scalance M876-4 \(eu\)
Siemens scalance S615 Lan-router
Siemens scalance M816-1 \(annex B\)
Siemens
Siemens scalance Mum856-1 \(row\) Firmware
Siemens ruggedcom Rm1224 Lte\(4g\) Nam
Siemens scalance M876-4 Firmware
Siemens scalance M804pb
Siemens scalance Mum853-1 \(eu\)
Siemens scalance M812-1 \(annex B\)
Siemens scalance M876-4 \(eu\) Firmware
Siemens ruggedcom Rm1224 Lte\(4g\) Nam Firmware
Siemens scalance M876-4 \(nam\)
Siemens scalance M876-4
Siemens ruggedcom Rm1224 Lte\(4g\) Eu
Siemens scalance Mum853-1 \(a1\) Firmware
Siemens scalance M876-3
Siemens scalance Mum856-1 \(row\)
Siemens scalance Mum856-1 \(b1\)
Siemens scalance S615 Eec Lan-router Firmware
Siemens scalance M826-2 Shdsl-router Firmware
Siemens scalance M826-2 Shdsl-router
Siemens scalance M816-1 \(annex B\) Firmware
Siemens scalance Mum856-1 \(eu\)
Siemens scalance S615 Eec Lan-router
Siemens scalance M816-1 \(annex A\)
Siemens scalance M874-3
Siemens scalance S615 Lan-router Firmware
Siemens scalance Mum853-1 \(b1\) Firmware
Siemens scalance M876-3 Firmware
Siemens scalance Mum856-1 \(cn\)
Siemens ruggedcom Rm1224 Lte\(4g\) Eu Firmware
Siemens scalance Mum856-1 \(eu\) Firmware
Siemens scalance M876-3 \(rok\)
Siemens scalance M804pb Firmware
References () https://cert-portal.siemens.com/productcert/html/ssa-087301.html - () https://cert-portal.siemens.com/productcert/html/ssa-087301.html - Vendor Advisory
Summary
  • (es) Se ha identificado una vulnerabilidad en RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (Todas las versiones &lt; V8.1), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (Todas las versiones &lt; V8.1 ), SCALANCE M804PB (6GK5804-0AP00-2AA2) (Todas las versiones &lt; V8.1), Familia de enrutadores ADSL SCALANCE M812-1 (Todas las versiones &lt; V8.1), Familia de enrutadores ADSL SCALANCE M816-1 (Todas las versiones &lt; V8 .1), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (todas las versiones &lt; V8.1), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (todas las versiones &lt; V8.1), SCALANCE M874- 3 (6GK5874-3AA00-2AA2) (Todas las versiones &lt; V8.1), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (Todas las versiones &lt; V8.1), SCALANCE M876-3 (6GK5876- 3AA02-2BA2) (Todas las versiones &lt; V8.1), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (Todas las versiones &lt; V8.1), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (Todas las versiones &lt; V8.1), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (Todas las versiones &lt; V8.1), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (Todas las versiones &lt; V8.1 ), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (Todas las versiones &lt; V8.1), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (Todas las versiones &lt; V8.1), SCALANCE MUM853 -1 (UE) (6GK5853-2EA00-2DA1) (Todas las versiones &lt; V8.1), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (Todas las versiones &lt; V8.1), SCALANCE MUM856-1 (B1 ) (6GK5856-2EA10-3BA1) (Todas las versiones &lt; V8.1), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (Todas las versiones &lt; V8.1), SCALANCE MUM856-1 (EU) (6GK5856- 2EA00-3DA1) (Todas las versiones &lt; V8.1), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (Todas las versiones &lt; V8.1), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) ( Todas las versiones &lt; V8.1), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (Todas las versiones &lt; V8.1). Los dispositivos afectados no validan correctamente la entrada en campos de configuración de VPN específicos. Esto podría permitir que un atacante remoto autenticado ejecute código arbitrario en el dispositivo.

13 Aug 2024, 08:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-08-13 08:15

Updated : 2024-08-23 18:40


NVD link : CVE-2024-41976

Mitre link : CVE-2024-41976

CVE.ORG link : CVE-2024-41976


JSON object : View

Products Affected

siemens

  • scalance_mum856-1_\(a1\)
  • scalance_m816-1_\(annex_a\)
  • scalance_mum853-1_\(a1\)
  • scalance_m876-3_\(rok\)_firmware
  • scalance_m876-4_\(eu\)_firmware
  • scalance_mum856-1_\(b1\)
  • scalance_s615_lan-router_firmware
  • scalance_m812-1_\(annex_a\)_firmware
  • scalance_mum853-1_\(b1\)_firmware
  • scalance_s615_eec_lan-router
  • scalance_m812-1_\(annex_a\)
  • scalance_m874-2
  • scalance_m876-3
  • scalance_m876-4_firmware
  • scalance_m816-1_\(annex_b\)_firmware
  • scalance_m812-1_\(annex_b\)
  • scalance_mum856-1_\(cn\)_firmware
  • scalance_mum856-1_\(b1\)_firmware
  • scalance_m874-3_firmware
  • scalance_m874-2_firmware
  • ruggedcom_rm1224_lte\(4g\)_nam_firmware
  • scalance_mum853-1_\(a1\)_firmware
  • scalance_mum853-1_\(b1\)
  • scalance_m826-2_shdsl-router
  • scalance_m812-1_\(annex_b\)_firmware
  • scalance_m816-1_\(annex_a\)_firmware
  • ruggedcom_rm1224_lte\(4g\)_nam
  • scalance_mum856-1_\(cn\)
  • scalance_m804pb
  • scalance_mum856-1_\(eu\)
  • scalance_s615_eec_lan-router_firmware
  • scalance_m876-4_\(nam\)
  • ruggedcom_rm1224_lte\(4g\)_eu
  • scalance_m876-4
  • scalance_mum856-1_\(eu\)_firmware
  • scalance_m804pb_firmware
  • scalance_m876-4_\(nam\)_firmware
  • scalance_m874-3
  • scalance_m874-3_3g-router_\(cn\)
  • scalance_m816-1_\(annex_b\)
  • scalance_mum853-1_\(eu\)
  • ruggedcom_rm1224_lte\(4g\)_eu_firmware
  • scalance_m874-3_3g-router_\(cn\)_firmware
  • scalance_m826-2_shdsl-router_firmware
  • scalance_m876-4_\(eu\)
  • scalance_m876-3_\(rok\)
  • scalance_mum856-1_\(row\)_firmware
  • scalance_mum853-1_\(eu\)_firmware
  • scalance_mum856-1_\(row\)
  • scalance_s615_lan-router
  • scalance_m876-3_firmware
  • scalance_mum856-1_\(a1\)_firmware
CWE
NVD-CWE-noinfo CWE-20

Improper Input Validation