CNNVD-202512-1593 Information

CNNVD ID

CNNVD-202512-1593

Related CVE

CVE-2024-56835

• CNNVD Published: 2025-12-09

Description (Chinese)

Siemens RUGGEDCOM ROX II是德国Siemens公司的一款面向工业应用的操作系统。 Siemens RUGGEDCOM ROX II V2.17.0之前版本存在注入漏洞，该漏洞源于DHCP服务器配置文件存在代码注入，可能导致获取root权限。

Description (English)

Siemens RUGEDCOM ROX II is an operating system for industrial applications by Siemens Germany. There was an injection loophole in the pre-Siemens RUGEDCOM ROX II V2.17.0, which originated from the code injection of the DHCP server configuration file, which could lead to the acquisition of root privileges.

Hazard Level

Medium

Vulnerability Type

注入

Affected Vendor

西门子

Published

2025-12-09

Last Modified

2026-02-24

References

https://cert-portal.siemens.com/productcert/html/ssa-912274.html

Patch

https://support.industry.siemens.com/cs/document/109997648/-firmware-download-for-ruggedcom-rox-2-17-0?lc=en-ww