CVE-2023-49692

moderate-risk

Published 2023-12-12

A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V7.2.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V7.2.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V7.2.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions < V7.2.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions < V7.2.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions < V7.2.2), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions < V7.2.2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V7.2.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V7.2.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V7.2.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V7.2.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V7.2.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V7.2.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V7.2.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V7.2.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V7.2.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V7.2.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V7.2.2), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V7.2.2), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V7.2.2). An Improper Neutralization of Special Elements used in an OS Command with root privileges vulnerability exists in the parsing of the IPSEC configuration. This could allow malicious local administrators to issue commands on system level after a new connection is established.

Do I need to act?

0.14% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 7.2/10 High

NETWORK / LOW complexity

Affected Products (20)

6Gk6108-4Am00-2Ba2 Firmware

6Gk6108-4Am00-2Da2 Firmware

6Gk5804-0Ap00-2Aa2 Firmware

6Gk5812-1Aa00-2Aa2 Firmware

6Gk5812-1Ba00-2Aa2 Firmware

6Gk5816-1Aa00-2Aa2 Firmware

6Gk5816-1Ba00-2Aa2 Firmware

6Gk5826-2Ab00-2Ab2 Firmware

6Gk5874-2Aa00-2Aa2 Firmware

6Gk5874-3Aa00-2Aa2 Firmware

6Gk5876-3Aa02-2Ba2 Firmware

6Gk5876-3Aa02-2Ea2 Firmware

6Gk5876-4Aa10-2Ba2 Firmware

6Gk5876-4Aa00-2Ba2 Firmware

6Gk5876-4Aa00-2Da2 Firmware

6Gk5853-2Ea00-2Da1 Firmware

6Gk5856-2Ea00-3Da1 Firmware

6Gk5856-2Ea00-3Aa1 Firmware

6Gk5615-0Aa00-2Aa2 Firmware

6Gk5615-0Aa01-2Aa2 Firmware

Affected Vendors

Siemens

References (6)

https://cert-portal.siemens.com/productcert/html/ssa-068047.html

https://cert-portal.siemens.com/productcert/html/ssa-602936.html

Vendor Advisory https://cert-portal.siemens.com/productcert/pdf/ssa-068047.pdf

https://cert-portal.siemens.com/productcert/html/ssa-068047.html

https://cert-portal.siemens.com/productcert/html/ssa-602936.html

Vendor Advisory https://cert-portal.siemens.com/productcert/pdf/ssa-068047.pdf

/ 100

moderate-risk

Severity 26/34 · High

Exploitability 1/34 · Minimal

Exposure 20/34 · Moderate