CVE-2023-49691

Published Dec 12, 2023

Last updated 3 months ago

CVSS medium 6.7

Overview

Description: A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.0), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.0), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V8.0), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions < V8.0), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions < V8.0), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions < V8.0), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions < V8.0), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V8.0), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V8.0), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V8.0), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V8.0), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V8.0), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V8.0), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V8.0), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V8.0), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V8.0), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V8.0), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V8.0), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V8.0), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V8.0). An Improper Neutralization of Special Elements used in an OS Command with root privileges vulnerability exists in the handling of the DDNS configuration. This could allow malicious local administrators to issue commands on system level after a successful IP address update.
Source: productcert@siemens.com
NVD status: Modified

Risk scores

CVSS 3.1

Type: Primary
Base score: 6.7
Impact score: 5.9
Exploitability score: 0.8
Vector string: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Severity: MEDIUM

Weaknesses

productcert@siemens.com: CWE-78

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:siemens:6gk6108-4am00-2ba2:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "FF17A4F6-6057-4A37-87E7-9BCADD629FF7"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:siemens:6gk6108-4am00-2ba2_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7D78FE89-5ADC-45CB-8EDC-AA657F106E07",
            "versionEndExcluding": "8.0"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:siemens:6gk6108-4am00-2da2:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "6C6F2102-116D-4488-9FEC-2A97DC6C5964"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:siemens:6gk6108-4am00-2da2_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "58930E3B-A968-4098-9087-4C740EF376D9",
            "versionEndExcluding": "8.0"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:siemens:6gk5804-0ap00-2aa2:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "ABB76E7F-193D-4AFA-A820-A3D93D1AAA32"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:siemens:6gk5804-0ap00-2aa2_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3F21BF0A-F11E-46F7-9E29-C56998E72387",
            "versionEndExcluding": "8.0"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:siemens:6gk5812-1aa00-2aa2:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "374B9F0F-D572-4CB3-8A8C-778AE405E4FA"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:siemens:6gk5812-1aa00-2aa2_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ECAC1DA7-D83A-4FB0-A961-5613B45327B6",
            "versionEndExcluding": "8.0"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:siemens:6gk5812-1ba00-2aa2:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "B8A8BB09-B2DC-4F09-A051-FC1ACCA76627"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:siemens:6gk5812-1ba00-2aa2_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9EA49DAA-7120-4812-A208-5DAC42D6ECB0",
            "versionEndExcluding": "8.0"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:siemens:6gk5816-1aa00-2aa2:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "A8A090F9-63B9-4C02-8FF5-91A99231434A"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:siemens:6gk5816-1aa00-2aa2_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ABC8E30A-6736-4305-9113-E7D2E151D3E1",
            "versionEndExcluding": "8.0"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:siemens:6gk5816-1ba00-2aa2:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "A1FC0649-5A59-47C3-92F8-22A27EA08495"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:siemens:6gk5816-1ba00-2aa2_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DDD88150-70D8-444C-8368-957D9C14E0CD",
            "versionEndExcluding": "8.0"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:siemens:6gk5826-2ab00-2ab2:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "58C61EFF-461A-4FA0-B851-4B838FC9762F"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:siemens:6gk5826-2ab00-2ab2_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2156396E-75DC-4993-BE4B-66FD912CBFD9",
            "versionEndExcluding": "8.0"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:siemens:6gk5874-2aa00-2aa2_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6B19E755-B69C-4D0F-B69C-17C6F03DED37",
            "versionEndExcluding": "8.0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:siemens:6gk5874-2aa00-2aa2:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "BA7267C4-1486-49AF-B5F9-2A40DC285E86"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:siemens:6gk5874-3aa00-2aa2_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "40EFCF99-C271-4F47-ACA3-B294855A3C35",
            "versionEndExcluding": "8.0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:siemens:6gk5874-3aa00-2aa2:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "B82271D5-62F9-4483-A199-AB306F560E70"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:siemens:6gk5876-3aa02-2ba2_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DF90538A-D487-4F20-B938-8B934F84C24E",
            "versionEndExcluding": "8.0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:siemens:6gk5876-3aa02-2ba2:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "AAFD5B12-FE85-432D-9169-657E8CA7FDB5"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:siemens:6gk5876-3aa02-2ea2_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6CB6CC96-7F8B-400D-A094-81241AC0BE3B",
            "versionEndExcluding": "8.0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:siemens:6gk5876-3aa02-2ea2:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F55773A9-F64F-4365-8249-B1500C809D63"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:siemens:6gk5876-4aa10-2ba2_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D4610695-66D5-4F8A-A11E-721B30DA5904",
            "versionEndExcluding": "8.0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:siemens:6gk5876-4aa10-2ba2:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "2BE36DEA-AEF7-4F39-B3C0-52ECBA170333"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:siemens:6gk5876-4aa00-2ba2_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "79C98BF8-4D0F-4A9F-9B3E-0E4D5ABE7E66",
            "versionEndExcluding": "8.0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:siemens:6gk5876-4aa00-2ba2:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "8040F274-DC42-466F-B13A-4DEA36B351DC"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:siemens:6gk5876-4aa00-2da2_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0730D773-35A2-411C-AB41-EB124F33006A",
            "versionEndExcluding": "8.0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:siemens:6gk5876-4aa00-2da2:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "D28BCB70-1DA2-4C1D-8FA5-B7242163C3DC"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:siemens:6gk5853-2ea00-2da1_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "71DEC2D7-DE0E-41D6-857C-E7F3BEEB85B6",
            "versionEndExcluding": "8.0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:siemens:6gk5853-2ea00-2da1:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "39CFB4DB-2628-49C8-BEF7-DB0A27FEA286"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:siemens:6gk5856-2ea00-3da1_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A90AB343-67D5-4205-8B81-66BFE2D3B230",
            "versionEndExcluding": "8.0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:siemens:6gk5856-2ea00-3da1:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "AD59C631-F68B-4BB1-ACF1-BDE034214B20"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:siemens:6gk5856-2ea00-3aa1_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BF69EE86-5E8A-460A-AA47-3EC1475AB8B2",
            "versionEndExcluding": "8.0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:siemens:6gk5856-2ea00-3aa1:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "D3CE8D68-CCE8-49E8-8229-5D64E5F7C67B"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:siemens:6gk5615-0aa00-2aa2_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BE2DDADD-E6A4-43DD-9317-4AFCB4B970AF",
            "versionEndExcluding": "8.0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:siemens:6gk5615-0aa00-2aa2:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "CF189379-EA02-4FCE-8E85-51C7CFD1674C"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:siemens:6gk5615-0aa01-2aa2_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2F99BBBF-2AC0-4F02-9B95-5A3DD3D0B4EC",
            "versionEndExcluding": "8.0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:siemens:6gk5615-0aa01-2aa2:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "B83CF684-8E84-4ECD-9090-8B8997008108"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References