CNNVD-202512-1589 Information

CNNVD ID

CNNVD-202512-1589

Related CVE

CVE-2024-56839

• CNNVD Published: 2025-12-09

Description (Chinese)

Siemens RUGGEDCOM ROX II是德国Siemens公司的一款面向工业应用的操作系统。 Siemens RUGGEDCOM ROX II V2.17.0之前版本存在注入漏洞，该漏洞源于VRF使用中存在代码注入，可能导致执行任意代码。

Description (English)

Siemens RUGEDCOM ROX II is an operating system for industrial applications by Siemens Germany. The pre-version version of Siemens RUGEDCOM ROX II V2.17.0 had an injection loophole, which stemmed from the presence of a code injected in VRF use, which could lead to the execution of any code.

Hazard Level

Medium

Vulnerability Type

注入

Affected Vendor

西门子

Published

2025-12-09

Last Modified

2026-02-24

References

https://cert-portal.siemens.com/productcert/html/ssa-912274.html

Patch

https://support.industry.siemens.com/cs/document/109997648/-firmware-download-for-ruggedcom-rox-2-17-0?lc=en-ww