Unrated severityNVD Advisory· Published Aug 13, 2024· Updated Aug 13, 2024

CVE-2024-41977

Description

A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.1), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.1), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V8.1), SCALANCE M812-1 ADSL-Router family (All versions < V8.1), SCALANCE M816-1 ADSL-Router family (All versions < V8.1), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V8.1), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V8.1), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V8.1), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions < V8.1), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V8.1), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V8.1), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V8.1), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V8.1), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V8.1), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions < V8.1), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions < V8.1), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V8.1), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions < V8.1), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions < V8.1), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions < V8.1), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V8.1), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V8.1), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V8.1), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V8.1). Affected devices do not properly enforce isolation between user sessions in their web server component. This could allow an authenticated remote attacker to escalate their privileges on the devices.

Affected products

Siemens Foundation/RM1224 LTE(4G) EUcpe-rescue2 versions
0+ 1 more
- (no CPE)range: 0
- (no CPE)range: 0
Siemens Foundation/SCALANCE M804PBcpe-rescue
Range: 0
Siemens/SCALANCE M812-1 ADSL-Router familyv5
Range: 0
Siemens/SCALANCE M816-1 ADSL-Router familyv5
Range: 0
Siemens/SCALANCE M826-2 SHDSL-Routerv5
Range: 0
Siemens/SCALANCE M874-2v5
Range: 0
Siemens/SCALANCE M874-3v5
Range: 0
Siemens/SCALANCE M874-3 3G-Router (CN)v5
Range: 0
Siemens/SCALANCE M876-3v5
Range: 0
Siemens/SCALANCE M876-3 (ROK)v5
Range: 0
Siemens/SCALANCE M876-4v5
Range: 0
Siemens/SCALANCE M876-4 (EU)v5
Range: 0
Siemens/SCALANCE M876-4 (NAM)v5
Range: 0
Siemens/SCALANCE MUM853-1 (A1)v5
Range: 0
Siemens/SCALANCE MUM853-1 (B1)v5
Range: 0
Siemens/SCALANCE MUM853-1 (EU)v5
Range: 0
Siemens/SCALANCE MUM856-1 (A1)v5
Range: 0
Siemens/SCALANCE MUM856-1 (B1)v5
Range: 0
Siemens/SCALANCE MUM856-1 (CN)v5
Range: 0
Siemens/SCALANCE MUM856-1 (EU)v5
Range: 0
Siemens/SCALANCE MUM856-1 (RoW)v5
Range: 0
Siemens Foundation/SCALANCE S615 LAN-Routercpe-rescue2 versions
0+ 1 more
- (no CPE)range: 0
- (no CPE)range: 0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

cert-portal.siemens.com/productcert/html/ssa-087301.htmlmitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000