RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) and other products remote code execution vulnerability
CVE-2024-50572
8.6HIGH
Key Information:
- Vendor
Siemens
- Status
- Vendor
- CVE Published:
- 12 November 2024
What is CVE-2024-50572?
A newly identified vulnerability affects several Siemens products, including the RUGGEDCOM RM1224 LTE and various SCALANCE routers. This vulnerability occurs due to improper sanitization of an input field, which may permit an authenticated remote attacker with administrative privileges to execute arbitrary code or gain access to a system root shell. Organizations utilizing vulnerable devices are advised to implement corrective measures promptly to mitigate potential exploitation.
Affected Version(s)
RUGGEDCOM RM1224 LTE(4G) EU 0
RUGGEDCOM RM1224 LTE(4G) NAM 0
SCALANCE M804PB 0