Description

A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions), RUGGEDCOM ROX MX5000RE (All versions), RUGGEDCOM ROX RX1400 (All versions), RUGGEDCOM ROX RX1500 (All versions), RUGGEDCOM ROX RX1501 (All versions), RUGGEDCOM ROX RX1510 (All versions), RUGGEDCOM ROX RX1511 (All versions), RUGGEDCOM ROX RX1512 (All versions), RUGGEDCOM ROX RX1524 (All versions), RUGGEDCOM ROX RX1536 (All versions), RUGGEDCOM ROX RX5000 (All versions). Affected devices do not properly limit access through its Built-In-Self-Test (BIST) mode. This could allow an attacker with physical access to the serial interface to bypass authentication and get access to a root shell on the device.

INFO

Published Date :

2025-08-12T11:17:11.853Z

Last Modified :

2025-08-12T18:23:25.349Z

Source :

siemens
AFFECTED PRODUCTS

The following products are affected by CVE-2025-40761 vulnerability.

Vendors Products
Siemens
  • Ruggedcom Rox Mx5000
  • Ruggedcom Rox Mx5000re
  • Ruggedcom Rox Rx1400
  • Ruggedcom Rox Rx1500
  • Ruggedcom Rox Rx1501
  • Ruggedcom Rox Rx1510
  • Ruggedcom Rox Rx1511
  • Ruggedcom Rox Rx1512
  • Ruggedcom Rox Rx1524
  • Ruggedcom Rox Rx1536
  • Ruggedcom Rox Rx5000
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-40761.

URL Resource
https://cert-portal.siemens.com/productcert/html/ssa-094954.html cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Attack Requirements
Privileges Required
User Interaction
VS Confidentiality
VS Integrity
VS Availability
SS Confidentiality
SS Integrity
SS Availability
Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact