CVE-2025-40761
BaseFortify
Publication date: 2025-08-12
Last updated on: 2025-08-12
Assigner: Siemens AG
Description
CVSS Scores
EPSS Scores
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| siemens | ruggedcom_rox_mx5000 | * |
| siemens | ruggedcom_rox_rx5000 | * |
| siemens | ruggedcom_rox_rx1500 | * |
| siemens | ruggedcom_rox_mx5000re | * |
| siemens | ruggedcom_rox_rx1536 | * |
| siemens | ruggedcom_rox_rx1400 | * |
| siemens | ruggedcom_rox_rx1524 | * |
| siemens | ruggedcom_rox_rx1512 | * |
| siemens | ruggedcom_rox_rx1511 | * |
| siemens | ruggedcom_rox_rx1510 | * |
| siemens | ruggedcom_rox_rx1501 | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-288 | The product requires authentication, but the product has an alternate path or channel that does not require authentication. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability affects Siemens RUGGEDCOM ROX II family devices and is due to improper access restrictions in the Built-In-Self-Test (BIST) mode. An attacker with physical access to the device's serial interface can bypass authentication and gain root shell access, effectively taking full control of the device without proper authorization. [1]
How can this vulnerability impact me?
The vulnerability allows an attacker with physical access to bypass authentication and gain root shell access, which can lead to full compromise of the device. This impacts confidentiality, integrity, and availability of the device and the network it supports, potentially disrupting critical infrastructure operations such as electric utility substations and traffic control systems. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Exploiting the Built-In-Self-Test (BIST) mode authentication bypass requires physical access to the device's serial interface. Remote detection on a network or system is not feasible because the attack vector is local and physical. Therefore, no specific network or system commands are suggested for detection. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include setting a secure boot password on the affected devices as detailed in the respective product configuration manuals (section 5.9.3) to prevent unauthorized access to BIST mode. Additionally, protect network access to these devices using appropriate security mechanisms and configure the operational environment according to Siemens' Industrial Security operational guidelines. [1]