CVE-2025-40935
Description
A vulnerability has been identified in RUGGEDCOM RMC8388 V5.X (All versions < V5.10.1), RUGGEDCOM RS416Pv2 V5.X (All versions < V5.10.1), RUGGEDCOM RS416v2 V5.X (All versions < V5.10.1), RUGGEDCOM RS900 (32M) V5.X (All versions < V5.10.1), RUGGEDCOM RS900G (32M) V5.X (All versions < V5.10.1), RUGGEDCOM RSG2100 (32M) V5.X (All versions < V5.10.1), RUGGEDCOM RSG2100P (32M) V5.X (All versions < V5.10.1), RUGGEDCOM RSG2288 V5.X (All versions < V5.10.1), RUGGEDCOM RSG2300 V5.X (All versions < V5.10.1), RUGGEDCOM RSG2300P V5.X (All versions < V5.10.1), RUGGEDCOM RSG2488 V5.X (All versions < V5.10.1), RUGGEDCOM RSG907R (All versions < V5.10.1), RUGGEDCOM RSG908C (All versions < V5.10.1), RUGGEDCOM RSG909R (All versions < V5.10.1), RUGGEDCOM RSG910C (All versions < V5.10.1), RUGGEDCOM RSG920P V5.X (All versions < V5.10.1), RUGGEDCOM RSL910 (All versions < V5.10.1), RUGGEDCOM RST2228 (All versions < V5.10.1), RUGGEDCOM RST2228P (All versions < V5.10.1), RUGGEDCOM RST916C (All versions < V5.10.1), RUGGEDCOM RST916P (All versions < V5.10.1). Affected devices do not properly validate input during the TLS certificate upload process of the web service. This could allow an authenticated remote attacker to trigger a device crash and reboot, leading to a temporary Denial of Service on the device.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Improper TLS certificate input validation in Siemens RUGGEDCOM ROS devices before V5.10.1 allows authenticated remote attackers to crash and reboot the device, causing temporary denial of service.
Vulnerability
Description
The vulnerability, identified in multiple RUGGEDCOM ROS-based devices, stems from improper validation of input during the TLS certificate upload process of the web service. The affected devices do not properly sanitize or verify TLS certificate data before processing, which can lead to a critical failure in the device's firmware handling. This flaw is present in all versions prior to V5.10.1 across a wide range of RUGGEDCOM models, including RMC8388, RS416Pv2, RS416v2, RS900 (32M), RS900G (32M), RSG2100 (32M), RSG2100P (32M), RSG2288, RSG2300, RSG2300P, RSG2488, RSG907R, RSG908C, RSG909R, RSG910C, RSG920P, RSL910, RST2228, RST2228P, RST916C, and RST916P [1].
Exploitation
Conditions
Exploitation requires an authenticated remote attacker with access to the device's web interface. The attacker must be able to upload a specially crafted TLS certificate that exploits the input validation gap. Since authentication is needed, the attack surface is limited to users who already have valid credentials, but in environments where credentials may be shared or weak, the risk increases. The attack is carried out over the network, not requiring physical access, and triggers a crash and immediate reboot of the device [1].
Impact
Successful exploitation results in a temporary denial of service (DoS) condition. The device crashes and restarts, causing a disruption of network connectivity and services provided by the RUGGEDCOM device. In critical infrastructure settings like electric utility substations or traffic control cabinets, even a brief outage can affect operational reliability. The DoS is temporary as the device reboots, but the impact could be repeated if the attacker continuously triggers the flaw [1].
Mitigation
Siemens has released firmware version V5.10.1 for all affected RUGGEDCOM ROS devices to address this vulnerability. Users are strongly recommended to update to the latest version as soon as possible. As a general security measure, Siemens also advises limiting network access to the devices, following industrial security guidelines, and using appropriate access controls [1].
AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- Range: < V5.10.1
- Range: < V5.10.1
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1News mentions
0No linked articles in our index yet.