Multiple vulnerabilities in Siemens RUGGEDCOM CROSSBOW
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 9 |
| CVE-ID | CVE-2024-27939 CVE-2024-27940 CVE-2024-27941 CVE-2024-27942 CVE-2024-27943 CVE-2024-27944 CVE-2024-27945 CVE-2024-27946 CVE-2024-27947 |
| CWE-ID | CWE-862 CWE-89 CWE-306 CWE-73 CWE-22 CWE-200 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
RUGGEDCOM CROSSBOW Other software / Other software solutions |
| Vendor | Siemens |
Security Bulletin
This security bulletin contains information about 9 vulnerabilities.
1) Missing Authorization
EUVDB-ID: #VU89614
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2024-27939
CWE-ID:
CWE-862 - Missing Authorization
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass authorization checks.
The vulnerability exists due to missing authorization. A remote attacker can upload of arbitrary files and execute arbitrary code with system privileges.
MitigationInstall updates from vendor's website.
Vulnerable software versionsRUGGEDCOM CROSSBOW: before 5.5
CPE2.3 External linkshttps://cert-portal.siemens.com/productcert/html/ssa-916916.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) SQL injection
EUVDB-ID: #VU89617
Risk: Medium
CVSSv4.0: 6.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-27940
CWE-ID:
CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary SQL queries in database.
The vulnerability exists due to insufficient sanitization of user-supplied data. A remote user can send a specially crafted request to the affected application and execute arbitrary SQL commands within the application database.
Successful exploitation of this vulnerability may allow a remote attacker to read, delete, modify data in database and gain complete control over the affected application.
MitigationInstall updates from vendor's website.
Vulnerable software versionsRUGGEDCOM CROSSBOW: before 5.5
CPE2.3 External linkshttps://cert-portal.siemens.com/productcert/html/ssa-916916.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) SQL injection
EUVDB-ID: #VU89619
Risk: Medium
CVSSv4.0: 6.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-27941
CWE-ID:
CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary SQL queries in database.
The vulnerability exists due to insufficient sanitization of user-supplied data. A remote user can send a specially crafted request to the affected application and execute arbitrary SQL commands within the application database.
Successful exploitation of this vulnerability may allow a remote attacker to read, delete, modify data in database and gain complete control over the affected application.
MitigationInstall updates from vendor's website.
Vulnerable software versionsRUGGEDCOM CROSSBOW: before 5.5
CPE2.3 External linkshttps://cert-portal.siemens.com/productcert/html/ssa-916916.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Missing Authentication for Critical Function
EUVDB-ID: #VU89620
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-27942
CWE-ID:
CWE-306 - Missing Authentication for Critical Function
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass authentication process.
The vulnerability exists due to the affected systems allow any unauthenticated client to disconnect any active user from the server. A remote attacker can prevent any user to perform actions in the system and perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
Vulnerable software versionsRUGGEDCOM CROSSBOW: before 5.5
CPE2.3 External linkshttps://cert-portal.siemens.com/productcert/html/ssa-916916.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) External Control of File Name or Path
EUVDB-ID: #VU89621
Risk: Low
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-27943
CWE-ID:
CWE-73 - External Control of File Name or Path
Exploit availability: No
DescriptionThe vulnerability allows a remote user to upload arbitrary files.
The vulnerability exists due to application allows an attacker to control path of the files to delete. A remote administrator can send a specially crafted HTTP request and upload arbitrary files on the system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsRUGGEDCOM CROSSBOW: before 5.5
CPE2.3 External linkshttps://cert-portal.siemens.com/productcert/html/ssa-916916.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) External Control of File Name or Path
EUVDB-ID: #VU89625
Risk: Low
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-27944
CWE-ID:
CWE-73 - External Control of File Name or Path
Exploit availability: No
DescriptionThe vulnerability allows a remote user to upload arbitrary files.
The vulnerability exists due to application allows an attacker to control path of the files to delete. A remote administrator can send a specially crafted HTTP request and upload arbitrary files on the system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsRUGGEDCOM CROSSBOW: before 5.5
CPE2.3 External linkshttps://cert-portal.siemens.com/productcert/html/ssa-916916.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) External Control of File Name or Path
EUVDB-ID: #VU89629
Risk: Low
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-27945
CWE-ID:
CWE-73 - External Control of File Name or Path
Exploit availability: No
DescriptionThe vulnerability allows a remote user to upload arbitrary files.
The vulnerability exists due to application allows an attacker to control path of the files to delete. A remote administrator can send a specially crafted HTTP request and upload arbitrary files on the system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsRUGGEDCOM CROSSBOW: before 5.5
CPE2.3 External linkshttps://cert-portal.siemens.com/productcert/html/ssa-916916.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Path traversal
EUVDB-ID: #VU89632
Risk: Low
CVSSv4.0: 4.8 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-27946
CWE-ID:
CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Exploit availability: No
DescriptionThe vulnerability allows a remote user to perform directory traversal attacks.
The vulnerability exists due to input validation error when processing directory traversal sequences. A remote administrator can send a specially crafted HTTP request and overwrite arbitrary files on the system.
MitigationInstall update from vendor's website.
Vulnerable software versionsRUGGEDCOM CROSSBOW: before 5.5
CPE2.3 External linkshttps://cert-portal.siemens.com/productcert/html/ssa-916916.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) Information disclosure
EUVDB-ID: #VU89635
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-27947
CWE-ID:
CWE-200 - Exposure of sensitive information to an unauthorized actor
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to excessive data output by the application. A remote attacker can gain unauthorized access to sensitive information on the system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsRUGGEDCOM CROSSBOW: before 5.5
CPE2.3 External linkshttps://cert-portal.siemens.com/productcert/html/ssa-916916.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
