Input Validation Vulnerability in iperf Functionality Could Allow Arbitrary Code Execution
CVE-2024-50557
9.8CRITICAL
Key Information:
- Vendor
Siemens
- Status
- Vendor
- CVE Published:
- 12 November 2024
What is CVE-2024-50557?
A significant input validation issue has been discovered in various RUGGEDCOM RM1224 and SCALANCE M-series devices produced by Siemens. The flaw resides in the configuration fields related to the iperf functionality, which do not validate inputs properly. This oversight could enable an unauthorized remote attacker to execute arbitrary code on the affected devices, presenting serious security concerns for networks using these products. Immediate action is recommended to mitigate potential exploits.
Affected Version(s)
RUGGEDCOM RM1224 LTE(4G) EU 0
RUGGEDCOM RM1224 LTE(4G) NAM 0
SCALANCE M804PB 0