Plattform
siemens
Komponente
scalance-ruggedcom-devices
Behoben in
V3.1
V3.1
V3.1
V3.1
V3.1
V3.1
V3.1
V3.1
V3.1
V3.1
V3.1
V3.1
V3.1
V3.1
V3.1
V3.1
V3.1
V3.1
V3.1
V3.1
V3.1
V3.1
V3.1
V3.1
V3.1
V3.1
V3.1
V3.1
V3.1
V3.1
V3.1
V3.1
V3.1
V3.1
V3.1
V3.1
V3.1
V3.1
V3.1
V3.1
V3.1
CVE-2024-41797 describes a buffer overflow vulnerability affecting several Siemens SCALANCE and RUGGEDCOM devices. This flaw could potentially lead to remote code execution, granting an attacker unauthorized access and control. The vulnerability impacts devices running versions prior to V3.1, including models like the RST2428P, XC316-8, and XC432. Siemens has released version V3.1 to address this security concern.
The buffer overflow vulnerability in Siemens SCALANCE/RUGGEDCOM devices allows an attacker to potentially execute arbitrary code on the affected device. This could lead to complete system compromise, allowing the attacker to modify configurations, steal sensitive data, or disrupt operations. Given the devices' role in industrial control systems, exploitation could have significant consequences, including production downtime, safety hazards, and potential damage to equipment. The impact is amplified if these devices are exposed to untrusted networks or lack proper segmentation.
CVE-2024-41797 was published on 2025-06-10. The vulnerability's exploitation probability is currently undetermined (severity pending evaluation). Public proof-of-concept exploits are not yet available, but the buffer overflow nature of the vulnerability suggests it could be relatively easy to exploit once a suitable payload is developed. Monitor security advisories and threat intelligence feeds for updates.
Organizations utilizing Siemens SCALANCE and RUGGEDCOM devices in industrial control systems, manufacturing plants, or critical infrastructure are at significant risk. Specifically, deployments relying on legacy configurations or those with limited network segmentation are particularly vulnerable. Shared hosting environments where multiple tenants share the same physical infrastructure are also at increased risk, as a compromise of one device could potentially impact others.
• linux / server:
journalctl -u rudgcomd --since "1 hour ago" | grep -i "buffer overflow"• siemens / supply-chain:
Get-WinEvent -LogName Security -FilterXPath "/Event[System[Provider[@Name='Siemens RUGGEDCOM']]]" | Select-String -Pattern "buffer overflow"• generic web:
curl -I <device_ip>/status | grep -i "Siemens SCALANCE"disclosure
patch
Exploit-Status
EPSS
0.21% (44% Perzentil)
CISA SSVC
CVSS-Vektor
The primary mitigation for CVE-2024-41797 is to upgrade affected Siemens SCALANCE/RUGGEDCOM devices to version V3.1 or later. If an immediate upgrade is not feasible due to compatibility concerns or system downtime requirements, consider implementing temporary workarounds such as restricting network access to the devices, enabling strict firewall rules to limit incoming traffic, and monitoring network traffic for suspicious activity. Consult Siemens documentation for specific configuration recommendations. After upgrading, verify the fix by attempting to trigger the vulnerability with a known exploit vector and confirming it is no longer successful.
Actualice el firmware de los dispositivos afectados a la versión V3.1 o posterior. Consulte el aviso de seguridad de Siemens para obtener más detalles e instrucciones específicas para su dispositivo. Aplique las mitigaciones recomendadas por el proveedor lo antes posible.
Schwachstellenanalysen und kritische Warnungen direkt in deinen Posteingang.
CVE-2024-41797 is a buffer overflow vulnerability affecting Siemens SCALANCE and RUGGEDCOM devices running versions prior to V3.1. It could allow an attacker to execute arbitrary code.
You are affected if you are using Siemens SCALANCE/RUGGEDCOM devices with versions earlier than V3.1, including models like RST2428P, XC316-8, and XC432.
Upgrade your Siemens SCALANCE/RUGGEDCOM devices to version V3.1 or later. Review Siemens' release notes before upgrading.
There is currently no indication of active exploitation in the wild, but the vulnerability's nature suggests potential for future exploitation.
Refer to the official Siemens Security Notice for detailed information and updates regarding CVE-2024-41797.
Lade deine Abhängigkeitsdatei hoch und erfahre sofort, ob dich diese und andere CVEs treffen.