CNNVD-202512-1591 Information

CNNVD ID

CNNVD-202512-1591

Related CVE

CVE-2024-56837

• CNNVD Published: 2025-12-09

Description (Chinese)

Siemens RUGGEDCOM ROX II是德国Siemens公司的一款面向工业应用的操作系统。 Siemens RUGGEDCOM ROX II V2.17.0之前版本存在命令注入漏洞，该漏洞源于配置文件验证不足，可能导致获取root权限。

Description (English)

Siemens RUGEDCOM ROX II is an operating system for industrial applications by Siemens Germany. The pre-Siemens RUGEDCOM ROX II V2.17.0 version has a command-injecting loophole, which results from inadequate config file validation, which may lead to the acquisition of root privileges.

Hazard Level

Medium

Vulnerability Type

命令注入

Affected Vendor

西门子

Published

2025-12-09

Last Modified

2026-02-24

References

https://cert-portal.siemens.com/productcert/html/ssa-912274.html

Patch

https://support.industry.siemens.com/cs/document/109997648/-firmware-download-for-ruggedcom-rox-2-17-0?lc=en-ww