CVE-2024-41977

None

Description

A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.1), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.1), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V8.1), SCALANCE M812-1 ADSL-Router family (All versions < V8.1), SCALANCE M816-1 ADSL-Router family (All versions < V8.1), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V8.1), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V8.1), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V8.1), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions < V8.1), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V8.1), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V8.1), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V8.1), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V8.1), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V8.1), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions < V8.1), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions < V8.1), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V8.1), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions < V8.1), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions < V8.1), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions < V8.1), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V8.1), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V8.1), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V8.1), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V8.1). Affected devices do not properly enforce isolation between user sessions in their web server component. This could allow an authenticated remote attacker to escalate their privileges on the devices.

INFO

Published Date :

2024-08-13T07:54:37.591Z

Last Modified :

2024-08-13T16:01:41.802Z

Source :

siemens

AFFECTED PRODUCTS

The following products are affected by CVE-2024-41977 vulnerability.

Vendors	Products
Siemens	Ruggedcom Rcm1224 Firmware Ruggedcom Rm1224 Lte\(4g\) Eu Ruggedcom Rm1224 Lte\(4g\) Eu Firmware Ruggedcom Rm1224 Lte\(4g\) Nam Ruggedcom Rm1224 Lte\(4g\) Nam Firmware Scalance M804pb Scalance M804pb Firmware Scalance M812-1 \(annex A\) Scalance M812-1 \(annex A\) Firmware Scalance M812-1 \(annex B\) Scalance M812-1 \(annex B\) Firmware Scalance M816-1 \(annex A\) Scalance M816-1 \(annex A\) Firmware Scalance M816-1 \(annex B\) Scalance M816-1 \(annex B\) Firmware Scalance M826-2 Shdsl-router Scalance M826-2 Shdsl-router Firmware Scalance M874-2 Scalance M874-2 Firmware Scalance M874-3 Scalance M874-3 3g-router \(cn\) Scalance M874-3 3g-router \(cn\) Firmware Scalance M874-3 Firmware Scalance M876-3 Scalance M876-3 \(rok\) Scalance M876-3 \(rok\) Firmware Scalance M876-3 Firmware Scalance M876-4 Scalance M876-4 \(eu\) Scalance M876-4 \(eu\) Firmware Scalance M876-4 \(nam\) Scalance M876-4 \(nam\) Firmware Scalance M876-4 Firmware Scalance Mum853-1 \(a1\) Scalance Mum853-1 \(a1\) Firmware Scalance Mum853-1 \(b1\) Scalance Mum853-1 \(b1\) Firmware Scalance Mum853-1 \(eu\) Scalance Mum853-1 \(eu\) Firmware Scalance Mum856-1 \(a1\) Scalance Mum856-1 \(a1\) Firmware Scalance Mum856-1 \(b1\) Scalance Mum856-1 \(b1\) Firmware Scalance Mum856-1 \(cn\) Scalance Mum856-1 \(cn\) Firmware Scalance Mum856-1 \(eu\) Scalance Mum856-1 \(eu\) Firmware Scalance Mum856-1 \(row\) Scalance Mum856-1 \(row\) Firmware Scalance S615 Eec Lan-router Scalance S615 Eec Lan-router Firmware Scalance S615 Lan-router Scalance S615 Lan-router Firmware

Vendors

Products

Siemens

Ruggedcom Rcm1224 Firmware
Ruggedcom Rm1224 Lte\(4g\) Eu
Ruggedcom Rm1224 Lte\(4g\) Eu Firmware
Ruggedcom Rm1224 Lte\(4g\) Nam
Ruggedcom Rm1224 Lte\(4g\) Nam Firmware
Scalance M804pb
Scalance M804pb Firmware
Scalance M812-1 \(annex A\)
Scalance M812-1 \(annex A\) Firmware
Scalance M812-1 \(annex B\)
Scalance M812-1 \(annex B\) Firmware
Scalance M816-1 \(annex A\)
Scalance M816-1 \(annex A\) Firmware
Scalance M816-1 \(annex B\)
Scalance M816-1 \(annex B\) Firmware
Scalance M826-2 Shdsl-router
Scalance M826-2 Shdsl-router Firmware
Scalance M874-2
Scalance M874-2 Firmware
Scalance M874-3
Scalance M874-3 3g-router \(cn\)
Scalance M874-3 3g-router \(cn\) Firmware
Scalance M874-3 Firmware
Scalance M876-3
Scalance M876-3 \(rok\)
Scalance M876-3 \(rok\) Firmware
Scalance M876-3 Firmware
Scalance M876-4
Scalance M876-4 \(eu\)
Scalance M876-4 \(eu\) Firmware
Scalance M876-4 \(nam\)
Scalance M876-4 \(nam\) Firmware
Scalance M876-4 Firmware
Scalance Mum853-1 \(a1\)
Scalance Mum853-1 \(a1\) Firmware
Scalance Mum853-1 \(b1\)
Scalance Mum853-1 \(b1\) Firmware
Scalance Mum853-1 \(eu\)
Scalance Mum853-1 \(eu\) Firmware
Scalance Mum856-1 \(a1\)
Scalance Mum856-1 \(a1\) Firmware
Scalance Mum856-1 \(b1\)
Scalance Mum856-1 \(b1\) Firmware
Scalance Mum856-1 \(cn\)
Scalance Mum856-1 \(cn\) Firmware
Scalance Mum856-1 \(eu\)
Scalance Mum856-1 \(eu\) Firmware
Scalance Mum856-1 \(row\)
Scalance Mum856-1 \(row\) Firmware
Scalance S615 Eec Lan-router
Scalance S615 Eec Lan-router Firmware
Scalance S615 Lan-router
Scalance S615 Lan-router Firmware

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-41977.

URL	Resource
https://cert-portal.siemens.com/productcert/html/ssa-087301.html

CVSS Vulnerability Scoring System

V4
V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Attack Requirements

Privileges Required

User Interaction

VS Confidentiality

VS Integrity

VS Availability

SS Confidentiality

SS Integrity

SS Availability

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact