CVE-2025-41224
BaseFortify

Publication date: 2025-07-08

Last updated on: 2025-07-08

Assigner: Siemens AG

Description
A vulnerability has been identified in RUGGEDCOM RMC8388 V5.X (All versions < V5.10.0), RUGGEDCOM RMC8388NC V5.X (All versions < V5.10.0), RUGGEDCOM RS416NCv2 V5.X (All versions < V5.10.0), RUGGEDCOM RS416PNCv2 V5.X (All versions < V5.10.0), RUGGEDCOM RS416Pv2 V5.X (All versions < V5.10.0), RUGGEDCOM RS416v2 V5.X (All versions < V5.10.0), RUGGEDCOM RS900 (32M) V5.X (All versions < V5.10.0), RUGGEDCOM RS900G (32M) V5.X (All versions < V5.10.0), RUGGEDCOM RS900GNC(32M) V5.X (All versions < V5.10.0), RUGGEDCOM RS900NC(32M) V5.X (All versions < V5.10.0), RUGGEDCOM RSG2100 (32M) V5.X (All versions < V5.10.0), RUGGEDCOM RSG2100NC(32M) V5.X (All versions < V5.10.0), RUGGEDCOM RSG2100P (32M) V5.X (All versions < V5.10.0), RUGGEDCOM RSG2100PNC (32M) V5.X (All versions < V5.10.0), RUGGEDCOM RSG2288 V5.X (All versions < V5.10.0), RUGGEDCOM RSG2288NC V5.X (All versions < V5.10.0), RUGGEDCOM RSG2300 V5.X (All versions < V5.10.0), RUGGEDCOM RSG2300NC V5.X (All versions < V5.10.0), RUGGEDCOM RSG2300P V5.X (All versions < V5.10.0), RUGGEDCOM RSG2300PNC V5.X (All versions < V5.10.0), RUGGEDCOM RSG2488 V5.X (All versions < V5.10.0), RUGGEDCOM RSG2488NC V5.X (All versions < V5.10.0), RUGGEDCOM RSG907R (All versions < V5.10.0), RUGGEDCOM RSG908C (All versions < V5.10.0), RUGGEDCOM RSG909R (All versions < V5.10.0), RUGGEDCOM RSG910C (All versions < V5.10.0), RUGGEDCOM RSG920P V5.X (All versions < V5.10.0), RUGGEDCOM RSG920PNC V5.X (All versions < V5.10.0), RUGGEDCOM RSL910 (All versions < V5.10.0), RUGGEDCOM RSL910NC (All versions < V5.10.0), RUGGEDCOM RST2228 (All versions < V5.10.0), RUGGEDCOM RST2228P (All versions < V5.10.0), RUGGEDCOM RST916C (All versions < V5.10.0), RUGGEDCOM RST916P (All versions < V5.10.0). The affected products do not properly enforce interface access restrictions when changing from management to non-management interface configurations until a system reboot occurs, despite configuration being saved. 
This could allow an attacker with network access and credentials to gain access to the device through a non-management interface and maintain SSH access to the device until reboot.
Meta Information
Published: 2025-07-08
Last Modified: 2025-07-08
Generated: 2026-05-07
AI Q&A: 2025-07-08
EPSS Evaluated: 2026-05-05
Affected Vendors & Products
Showing 34 associated CPEs
Vendor Product Version / Range
siemens ruggedcom_rsg907r v5.0
siemens ruggedcom_rsl910 v5.0
siemens ruggedcom_rsg909r v5.0
siemens ruggedcom_rst2228 v5.0
siemens ruggedcom_rst916c v5.0
siemens ruggedcom_rs416pncv2 v5.0
siemens ruggedcom_rsg2300pnc v5.0
siemens ruggedcom_rsg2300p v5.0
siemens ruggedcom_rsg2288 v5.0
siemens ruggedcom_rsg2488 v5.0
siemens ruggedcom_rs900 v5.0
siemens ruggedcom_rst2228p v5.0
siemens ruggedcom_rsg2288nc v5.0
siemens ruggedcom_rs900g v5.0
siemens ruggedcom_rsg2488nc v5.0
siemens ruggedcom_rmc8388nc v5.0
siemens ruggedcom_rsg2100 v5.0
siemens ruggedcom_rs416pv2 v5.0
siemens ruggedcom_rsg2300nc v5.0
siemens ruggedcom_rsg2100p v5.0
siemens ruggedcom_rsl910nc v5.0
siemens ruggedcom_rsg920p v5.0
siemens ruggedcom_rs416nc v5.0
siemens ruggedcom_rs900nc v5.0
siemens ruggedcom_rsg2100pnc v5.0
siemens ruggedcom_rsg2300 v5.0
siemens ruggedcom_rsg920pnc v5.0
siemens ruggedcom_rsg908c v5.0
siemens ruggedcom_rs416v2 v5.0
siemens ruggedcom_rmc8388 v5.0
siemens ruggedcom_rst916p v5.0
siemens ruggedcom_rs900gnc v5.0
siemens ruggedcom_rsg2100nc v5.0
siemens ruggedcom_rsg910c v5.0
CWE ID Description
CWE-693 The product does not use or incorrectly uses a protection mechanism that provides sufficient defense against directed attacks against the product.
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability affects multiple versions of RUGGEDCOM devices before version 5.10.0. The issue is that these devices do not properly enforce interface access restrictions when switching from management to non-management interface configurations until the device is rebooted, even if the configuration is saved. This flaw allows an attacker who has network access and valid credentials to gain access to the device through a non-management interface and maintain SSH access until the device is rebooted.


How can this vulnerability impact me?

If exploited, this vulnerability could allow an attacker with network access and credentials to access the device through non-management interfaces and maintain unauthorized SSH access until the device is rebooted. This could lead to unauthorized control or manipulation of the device, potentially disrupting operations or compromising network security.


What immediate steps should I take to mitigate this vulnerability?

To mitigate this vulnerability, immediately upgrade the affected RUGGEDCOM devices to version 5.10.0 or later. Until the upgrade is applied, a temporary mitigation is to reboot the device after changing interface configurations to ensure access restrictions are properly enforced.

