Access Control Vulnerability in RUGGEDCOM Network Devices by Siemens
CVE-2025-41224

7.7HIGH

Key Information:

Vendor: Siemens
Status: Ruggedcom Rmc8388 V5.x; Ruggedcom Rmc8388nc V5.x; Ruggedcom Rs416ncv2 V5.x; Ruggedcom Rs416pncv2 V5.x
Vendor: CVE Published:; 8 July 2025

What is CVE-2025-41224?

An access control vulnerability has been identified in multiple RUGGEDCOM devices from Siemens. The affected products fail to enforce proper access restrictions when transitioning from management to non-management interface configurations, leading to potential unauthorized access. This vulnerability can be exploited by attackers who have network access and proper credentials, allowing them to maintain SSH access to the device until a reboot occurs, posing a significant risk to network security.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

RUGGEDCOM RMC8388 V5.X 0

RUGGEDCOM RMC8388NC V5.X 0

RUGGEDCOM RS416NCv2 V5.X 0

References

https://cert-portal.siemens.com/productcert/html/ssa-0830...

CVSS V4

Score:

7.7

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

None

Timeline

Vulnerability published
Jul 8, 2025
Vulnerability Reserved
Apr 16, 2025

JSON

Siemens

What is CVE-2025-41224?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V4

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.