Sensitive Data Exposure in RUGGEDCOM RST2428P by Siemens
CVE-2026-41918

5.9MEDIUM

Key Information:

Vendor: Siemens
Status: Ruggedcom Rst2428p
Vendor: CVE Published:; 2 June 2026

What is CVE-2026-41918?

A vulnerability has been discovered in the RUGGEDCOM RST2428P (6GK6242-6PA00) that affects all versions prior to V4.0. This issue arises when an authenticated user modifies specific configurations, leading to the unintended storage of sensitive information in the browser cache. An attacker with authentication could exploit this situation to gain unauthorized access to sensitive data stored within the browser, potentially compromising system integrity.

Affected Version(s)

RUGGEDCOM RST2428P 0

References

https://cert-portal.siemens.com/productcert/html/ssa-2534...

CVSS V4

Score:

5.9

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 2, 2026
Vulnerability Reserved
Apr 22, 2026

CVE-2026-41918 Data

JSON