Platform
siemens
Component
scalance-ruggedcom-devices
Fixed in
V3.1
V3.1
V3.1
V3.1
V3.1
V3.1
V3.1
V3.1
V3.1
V3.1
V3.1
V3.1
V3.1
V3.1
V3.1
V3.1
V3.1
V3.1
V3.1
V3.1
V3.1
V3.1
V3.1
V3.1
V3.1
V3.1
V3.1
V3.1
V3.1
V3.1
V3.1
V3.1
V3.1
V3.1
V3.1
V3.1
V3.1
V3.1
V3.1
V3.1
V3.1
CVE-2024-41797 describes a buffer overflow vulnerability affecting several Siemens SCALANCE and RUGGEDCOM devices. This flaw could potentially lead to remote code execution, granting an attacker unauthorized access and control. The vulnerability impacts devices running versions prior to V3.1, including models like the RST2428P, XC316-8, and XC432. Siemens has released version V3.1 to address this security concern.
Successful exploitation of CVE-2024-41797 could allow an attacker to execute arbitrary code on the affected Siemens SCALANCE/RUGGEDCOM device. This could lead to a complete compromise of the device, enabling the attacker to intercept network traffic, modify configurations, or launch further attacks against other systems on the network. Given the industrial nature of these devices, a successful attack could disrupt critical operations and potentially cause significant financial or physical damage. The impact is amplified if these devices are used in critical infrastructure or control systems, where unauthorized access could have severe consequences. The potential for lateral movement from a compromised device to other systems within the network is a significant concern.
The vulnerability was publicly disclosed on 2025-06-10. Currently, there is no indication of active exploitation in the wild. The CVSS score of 4.3 (MEDIUM) suggests a moderate probability of exploitation. It is not listed on the CISA KEV catalog at the time of writing. Public proof-of-concept exploits are not yet available, but the nature of a buffer overflow vulnerability suggests that such exploits are likely to emerge.
Exploit Status
EPSS
0.21% (44% percentile)
CISA SSVC
CVSS Vector
The primary mitigation for CVE-2024-41797 is to upgrade affected Siemens SCALANCE/RUGGEDCOM devices to version V3.1 or later. Before upgrading, it is crucial to review Siemens' release notes and compatibility documentation to ensure the upgrade does not introduce any unforeseen issues with existing configurations or connected systems. If an immediate upgrade is not feasible, consider implementing temporary workarounds such as restricting network access to the affected devices, enabling strict firewall rules to limit inbound traffic, and closely monitoring device logs for any suspicious activity. While a WAF or proxy cannot directly prevent the buffer overflow, they can help mitigate the impact by filtering malicious requests. After upgrading, verify the fix by attempting to trigger the vulnerability using known exploit techniques and confirming that the device remains stable.
Actualice el firmware de los dispositivos afectados a la versión V3.1 o posterior. Consulte el aviso de seguridad de Siemens para obtener más detalles e instrucciones específicas para su dispositivo. Aplique las mitigaciones recomendadas por el proveedor lo antes posible.
Vulnerability analysis and critical alerts directly to your inbox.
CVE-2024-41797 is a buffer overflow vulnerability affecting Siemens SCALANCE and RUGGEDCOM devices running versions prior to V3.1. It could allow an attacker to execute arbitrary code.
You are affected if you are using Siemens SCALANCE/RUGGEDCOM devices with versions earlier than V3.1, including models like RST2428P, XC316-8, and XC432.
Upgrade your Siemens SCALANCE/RUGGEDCOM devices to version V3.1 or later. Review Siemens' release notes before upgrading.
There is currently no indication of active exploitation in the wild, but the vulnerability's nature suggests potential for future exploitation.
Refer to the official Siemens Security Notice for detailed information and updates regarding CVE-2024-41797.
Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.