HIGH🇬🇧 English

CVE-2024-41977

CVSS 7.3v4.0pub. 2024-08-13upd. 2024-08-23

A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.1), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.1), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V8.1), SCALANCE M812-1 ADSL-Router family (All versions < V8.1), SCALANCE M816-1 ADSL-Router family (All versions < V8.1), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V8.1), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V8.1), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V8.1), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions < V8.1), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V8.1), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V8.1), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V8.1), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V8.1), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V8.1), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions < V8.1), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions < V8.1), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V8.1), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions < V8.1), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions < V8.1), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions < V8.1), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V8.1), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V8.1), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V8.1), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V8.1). Affected devices do not properly enforce isolation between user sessions in their web server component. This could allow an authenticated remote attacker to escalate their privileges on the devices.

oryginał EN
CVSS Vector
CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  • Siemens Ruggedcom Rm1224 Lte\(4g\) Eu

    HW
    Siemens
    wszystkie wersje
  • Siemens Ruggedcom Rm1224 Lte\(4g\) Eu Firmware

    OS
    Siemens
    < 8.1
  • Siemens Ruggedcom Rm1224 Lte\(4g\) Nam

    HW
    Siemens
    wszystkie wersje
  • Siemens Ruggedcom Rm1224 Lte\(4g\) Nam Firmware

    OS
    Siemens
    < 8.1
  • Siemens Scalance M804pb

    HW
    Siemens
    wszystkie wersje
  • Siemens Scalance M804pb Firmware

    OS
    Siemens
    < 8.1
  • Siemens Scalance M812 1 \(annex A\)

    HW
    Siemens
    wszystkie wersje
  • Siemens Scalance M812 1 \(annex A\) Firmware

    OS
    Siemens
    < 8.1
  • Siemens Scalance M812 1 \(annex B\)

    HW
    Siemens
    wszystkie wersje
  • Siemens Scalance M812 1 \(annex B\) Firmware

    OS
    Siemens
    < 8.1
  • Siemens Scalance M816 1 \(annex A\)

    HW
    Siemens
    wszystkie wersje
  • Siemens Scalance M816 1 \(annex A\) Firmware

    OS
    Siemens
    < 8.1
  • Siemens Scalance M816 1 \(annex B\)

    HW
    Siemens
    wszystkie wersje
  • Siemens Scalance M816 1 \(annex B\) Firmware

    OS
    Siemens
    < 8.1
  • Siemens Scalance M826 2 Shdsl Router

    HW
    Siemens
    wszystkie wersje
  • Siemens Scalance M826 2 Shdsl Router Firmware

    OS
    Siemens
    < 8.1
  • Siemens Scalance M874 2

    HW
    Siemens
    wszystkie wersje
  • Siemens Scalance M874 2 Firmware

    OS
    Siemens
    < 8.1
  • Siemens Scalance M874 3

    HW
    Siemens
    wszystkie wersje
  • Siemens Scalance M874 3 3g Router \(cn\)

    HW
    Siemens
    wszystkie wersje
  • Siemens Scalance M874 3 3g Router \(cn\) Firmware

    OS
    Siemens
    < 8.1
  • Siemens Scalance M874 3 Firmware

    OS
    Siemens
    < 8.1
  • Siemens Scalance M876 3

    HW
    Siemens
    wszystkie wersje
  • Siemens Scalance M876 3 Firmware

    OS
    Siemens
    < 8.1
  • Siemens Scalance M876 3 \(rok\)

    HW
    Siemens
    wszystkie wersje
  • Siemens Scalance M876 3 \(rok\) Firmware

    OS
    Siemens
    < 8.1
  • Siemens Scalance M876 4

    HW
    Siemens
    wszystkie wersje
  • Siemens Scalance M876 4 \(eu\)

    HW
    Siemens
    wszystkie wersje
  • Siemens Scalance M876 4 \(eu\) Firmware

    OS
    Siemens
    < 8.1
  • Siemens Scalance M876 4 Firmware

    OS
    Siemens
    < 8.1
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2024-50557HIGH8.6ten sam produkt

A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.2),...

CVE-2024-50572HIGH8.6ten sam produkt

A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.2),...

CVE-2024-41978HIGH7.1ten sam produkt

A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.1),...

CVE-2024-41976HIGH8.6ten sam produkt

A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.1),...

CVE-2022-46140HIGH7.1ten sam produkt

Affected devices use a weak encryption scheme to encrypt the debug zip file. This could allow an authenticated...