CVE-2024-50572

< 8.2

A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.2), RUGGEDCOM RM1224 LT

7.2HIGH

CVE-2024-50561

< 8.2

A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.2), RUGGEDCOM RM1224 LT

4.3MEDIUM

CVE-2024-50560

< 8.2

A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.2), RUGGEDCOM RM1224 LT

3.1LOW

CVE-2024-50559

< 8.2

A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.2), RUGGEDCOM RM1224 LT

4.3MEDIUM

CVE-2024-50558

< 8.2

A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.2), RUGGEDCOM RM1224 LT

4.3MEDIUM

CVE-2024-50557

< 8.2

A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.2), RUGGEDCOM RM1224 LT

7.2HIGH

CVE-2022-46143

all versions

Affected devices do not check the TFTP blocksize correctly. This could allow an authenticated attacker to read from an uninitializ

2.7LOW

CVE-2022-46142

all versions

Affected devices store the CLI user passwords encrypted in flash memory. Attackers with physical access to the device could retrie

5.7MEDIUM

CVE-2022-46140

all versions

Affected devices use a weak encryption scheme to encrypt the debug zip file. This could allow an authenticated attacker to decrypt

6.5MEDIUM

CVE-2022-31766

< 7.1.2

A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V7.1.2), RUGGEDCOM RM1224

8.6HIGH

CVE-2022-36325

all versions

Affected devices do not properly sanitize data introduced by an user when rendering the web interface. This could allow an authent

6.8MEDIUM

CVE-2022-36324

all versions

Affected devices do not properly handle the renegotiation of SSL/TLS parameters. This could allow an unauthenticated remote attack

7.5HIGH

CVE-2022-36323

all versions

Affected devices do not properly sanitize an input field. This could allow an authenticated remote attacker with administrative p

9.1CRITICAL

CVE-2021-22924

< 7.1

libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse, if one of them matches the setup.

3.7LOW

CVE-2020-28400

< 6.4

Affected devices contain a vulnerability that allows an unauthenticated attacker to trigger a denial of service condition. The vul

7.5HIGH

CVE-2021-3449

>= 6.2

An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renego

5.9MEDIUM

CVE-2021-25676

all versions

A vulnerability has been identified in RUGGEDCOM RM1224 (V6.3), SCALANCE M-800 (V6.3), SCALANCE S615 (V6.3), SCALANCE SC-600 (All

7.5HIGH

CVE-2021-25667

>= 4.3 and < 6.4

A vulnerability has been identified in RUGGEDCOM RM1224 (All versions >= V4.3 and < V6.4), SCALANCE M-800 (All versions >= V4.3 an

8.8HIGH

CVE-2019-13946

< 4.3

Profinet-IO (PNIO) stack versions prior V06.00 do not properly limit internal resource allocation when multiple legitimate diagnos

7.5HIGH

CVE-2018-5391

< 6.1

The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targetin

7.5HIGH

CVE-2017-14491

< 5.0

Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrar

9.8CRITICAL

CVE-2017-2681

< 4.03

Specially crafted PROFINET DCP packets sent on a local Ethernet segment (Layer 2) to an affected product could cause a denial of s

6.5MEDIUM

CVE-2017-2680

< 4.03

Specially crafted PROFINET DCP broadcast packets could cause a denial of service condition of affected products on a local Etherne

6.5MEDIUM

CVE-2016-7090

<= 4.01

The integrated web server on Siemens SCALANCE M-800 and S615 modules with firmware before 4.02 does not set the secure flag for th

4.0MEDIUM