CVE-2015-1449

Published: Feb 2, 2015Modified: May 6, 2026

10.0

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability: 10.0 / Impact: 10.0

Source: NVD

Description

Buffer overflow in the integrated web server on Siemens Ruggedcom WIN51xx devices with firmware before SS4.4.4624.35, WIN52xx devices with firmware before SS4.4.4624.35, WIN70xx devices with firmware before BS4.4.4621.32, and WIN72xx devices with firmware before BS4.4.4621.32 allows remote attackers to execute arbitrary code via unspecified vectors.

Affected (2)

Products: Siemens: Ruggedcom Firmware

1 product

Ruggedcom Firmware

Configuration A

1 vulnerable · 2 platform

Vulnerable Software	Affected Versions
Siemens Ruggedcom Firmware	Up to bs4.4.4621.31

Running on/with	Platform Versions
Siemens Ruggedcom Win7000	All versions
Siemens Ruggedcom Win7200	All versions

Configuration B

1 vulnerable · 2 platform

Vulnerable Software	Affected Versions
Siemens Ruggedcom Firmware	Up to ss4.4.4624.34

Running on/with	Platform Versions
Siemens Ruggedcom Win5100	All versions
Siemens Ruggedcom Win5200	All versions

Related CWEs

Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

References (2)

http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-753139.pdf

Source: cve@mitre.org

Vendor Advisory

http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-753139.pdf

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.