Denial of Service Vulnerability in RUGGEDCOM Products by Siemens
CVE-2025-41222

6.9MEDIUM

Key Information:

Vendor: Siemens
Status: Ruggedcom I800; Ruggedcom I801; Ruggedcom I802; Ruggedcom I803
Vendor: CVE Published:; 8 July 2025

What is CVE-2025-41222?

A vulnerability exists in various RUGGEDCOM devices from Siemens that improperly handle malformed TLS handshake messages. An attacker with network access to the web server could exploit this flaw, leading to a denial of service by causing both the web server and the device to crash. This situation emphasizes the importance of securing these devices to mitigate potential interruptions in service.

Affected Version(s)

RUGGEDCOM i800 0

RUGGEDCOM i801 0

RUGGEDCOM i802 0

References

https://cert-portal.siemens.com/productcert/html/ssa-0830...

CVSS V4

Score:

6.9

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 8, 2025
Vulnerability Reserved
Apr 16, 2025