CVE-2024-39675 Information

Jul 10, 2024 cve

Description

A vulnerability has been identified in RUGGEDCOM RMC30 (All versions < V4.3.10) RUGGEDCOM RMC30NC (All versions < V4.3.10) RUGGEDCOM RP110 (All versions < V4.3.10) RUGGEDCOM RP110NC (All versions < V4.3.10) RUGGEDCOM RS400 (All versions < V4.3.10) RUGGEDCOM RS400NC (All versions < V4.3.10) RUGGEDCOM RS401 (All versions < V4.3.10) RUGGEDCOM RS401NC (All versions < V4.3.10) RUGGEDCOM RS416 (All versions < V4.3.10) RUGGEDCOM RS416NC (All versions < V4.3.10) RUGGEDCOM RS416NCv2 V4.X (All versions < V4.3.10) RUGGEDCOM RS416NCv2 V5.X (All versions < V5.9.0) RUGGEDCOM RS416P (All versions < V4.3.10) RUGGEDCOM RS416PNC (All versions < V4.3.10) RUGGEDCOM RS416PNCv2 V4.X (All versions < V4.3.10) RUGGEDCOM RS416PNCv2 V5.X (All versions < V5.9.0) RUGGEDCOM RS416Pv2 V4.X (All versions < V4.3.10) RUGGEDCOM RS416Pv2 V5.X (All versions < V5.9.0) RUGGEDCOM RS416v2 V4.X (All versions < V4.3.10) RUGGEDCOM RS416v2 V5.X (All versions < V5.9.0) RUGGEDCOM RS910 (All versions < V4.3.10) RUGGEDCOM RS910L (All versions) RUGGEDCOM RS910LNC (All versions) RUGGEDCOM RS910NC (All versions < V4.3.10) RUGGEDCOM RS910W (All versions < V4.3.10) RUGGEDCOM RS920L (All versions) RUGGEDCOM RS920LNC (All versions) RUGGEDCOM RS920W (All versions). In some configurations the affected products wrongly enable the Modbus service in non-managed VLANS. Only serial devices are affected by this vulnerability.

Reference

https://cert-portal.siemens.com/productcert/html/ssa-170375.html

Share on: