← Back

CVE-2024-41978

nvd nist
Published: Aug 13, 2024Modified: Aug 23, 2024

JSON object

Loading...
7.1
Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Show more
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:XShow less
Source: productcert@siemens.com (Secondary)

Description

A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.1), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.1), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V8.1), SCALANCE M812-1 ADSL-Router family (All versions < V8.1), SCALANCE M816-1 ADSL-Router family (All versions < V8.1), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V8.1), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V8.1), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V8.1), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions < V8.1), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V8.1), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V8.1), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V8.1), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V8.1), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V8.1), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions < V8.1), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions < V8.1), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V8.1), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions < V8.1), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions < V8.1), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions < V8.1), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V8.1), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V8.1), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V8.1), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V8.1). Affected devices insert sensitive information about the generation of 2FA tokens into log files. This could allow an authenticated remote attacker to forge 2FA tokens of other users.

Affected (26)

Products: Siemens: Ruggedcom Rm1224 Lte(4g) Eu Firmware, Ruggedcom Rm1224 Lte(4g) Nam Firmware, Scalance M804pb Firmware, Scalance M826 2 Shdsl Router Firmware, Scalance M874 2 Firmware, Scalance M874 3 Firmware, Scalance M876 3 Firmware, Scalance M876 4 Firmware, Scalance M874 3 3g Router (cn) Firmware, Scalance M876 3 (rok) Firmware, Scalance M876 4 (eu) Firmware, Scalance M876 4 (nam) Firmware, Scalance Mum853 1 (a1) Firmware, Scalance Mum853 1 (b1) Firmware, Scalance Mum853 1 (eu) Firmware, Scalance Mum856 1 (a1) Firmware, Scalance Mum856 1 (b1) Firmware, Scalance Mum856 1 (cn) Firmware, Scalance Mum856 1 (eu) Firmware, Scalance Mum856 1 (row) Firmware, Scalance S615 Eec Lan Router Firmware, Scalance S615 Lan Router Firmware, Scalance M812 1 (annex A) Firmware, Scalance M812 1 (annex B) Firmware, Scalance M816 1 (annex A) Firmware, Scalance M816 1 (annex B) Firmware
Siemens
26 products
Ruggedcom Rm1224 Lte(4g) Eu Firmware
Ruggedcom Rm1224 Lte(4g) Nam Firmware
Scalance M804pb Firmware
Scalance M826 2 Shdsl Router Firmware
Scalance M874 2 Firmware
Scalance M874 3 Firmware
Scalance M876 3 Firmware
Scalance M876 4 Firmware
Scalance M874 3 3g Router (cn) Firmware
Scalance M876 3 (rok) Firmware
Scalance M876 4 (eu) Firmware
Scalance M876 4 (nam) Firmware
Scalance Mum853 1 (a1) Firmware
Scalance Mum853 1 (b1) Firmware
Scalance Mum853 1 (eu) Firmware
Scalance Mum856 1 (a1) Firmware
Scalance Mum856 1 (b1) Firmware
Scalance Mum856 1 (cn) Firmware
Scalance Mum856 1 (eu) Firmware
Scalance Mum856 1 (row) Firmware
Scalance S615 Eec Lan Router Firmware
Scalance S615 Lan Router Firmware
Scalance M812 1 (annex A) Firmware
Scalance M812 1 (annex B) Firmware
Scalance M816 1 (annex A) Firmware
Scalance M816 1 (annex B) Firmware
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Ruggedcom Rm1224 Lte(4g) Eu Firmware
Before 8.1
Running on/withPlatform Versions
Siemens
Ruggedcom Rm1224 Lte(4g) Eu
All versions
Configuration B
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Ruggedcom Rm1224 Lte(4g) Nam Firmware
Before 8.1
Running on/withPlatform Versions
Siemens
Ruggedcom Rm1224 Lte(4g) Nam
All versions
Configuration C
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Scalance M804pb Firmware
Before 8.1
Running on/withPlatform Versions
Siemens
Scalance M804pb
All versions
Configuration D
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Scalance M826 2 Shdsl Router Firmware
Before 8.1
Running on/withPlatform Versions
Siemens
Scalance M826 2 Shdsl Router
All versions
Configuration E
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Scalance M874 2 Firmware
Before 8.1
Running on/withPlatform Versions
Siemens
Scalance M874 2
All versions
Configuration F
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Scalance M874 3 Firmware
Before 8.1
Running on/withPlatform Versions
Siemens
Scalance M874 3
All versions
Configuration G
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Scalance M876 3 Firmware
Before 8.1
Running on/withPlatform Versions
Siemens
Scalance M876 3
All versions
Configuration H
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Scalance M876 4 Firmware
Before 8.1
Running on/withPlatform Versions
Siemens
Scalance M876 4
All versions
Configuration I
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Scalance M874 3 3g Router (cn) Firmware
Before 8.1
Running on/withPlatform Versions
Siemens
Scalance M874 3 3g Router (cn)
All versions
Configuration J
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Scalance M876 3 (rok) Firmware
Before 8.1
Running on/withPlatform Versions
Siemens
Scalance M876 3 (rok)
All versions
Configuration K
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Scalance M876 4 (eu) Firmware
Before 8.1
Running on/withPlatform Versions
Siemens
Scalance M876 4 (eu)
All versions
Configuration L
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Scalance M876 4 (nam) Firmware
Before 8.1
Running on/withPlatform Versions
Siemens
Scalance M876 4 (nam)
All versions
Configuration M
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Scalance Mum853 1 (a1) Firmware
Before 8.1
Running on/withPlatform Versions
Siemens
Scalance Mum853 1 (a1)
All versions
Configuration N
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Scalance Mum853 1 (b1) Firmware
Before 8.1
Running on/withPlatform Versions
Siemens
Scalance Mum853 1 (b1)
All versions
Configuration O
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Scalance Mum853 1 (eu) Firmware
Before 8.1
Running on/withPlatform Versions
Siemens
Scalance Mum853 1 (eu)
All versions
Configuration P
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Scalance Mum856 1 (a1) Firmware
Before 8.1
Running on/withPlatform Versions
Siemens
Scalance Mum856 1 (a1)
All versions
Configuration Q
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Scalance Mum856 1 (b1) Firmware
Before 8.1
Running on/withPlatform Versions
Siemens
Scalance Mum856 1 (b1)
All versions
Configuration R
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Scalance Mum856 1 (cn) Firmware
Before 8.1
Running on/withPlatform Versions
Siemens
Scalance Mum856 1 (cn)
All versions
Configuration S
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Scalance Mum856 1 (eu) Firmware
Before 8.1
Running on/withPlatform Versions
Siemens
Scalance Mum856 1 (eu)
All versions
Configuration T
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Scalance Mum856 1 (row) Firmware
Before 8.1
Running on/withPlatform Versions
Siemens
Scalance Mum856 1 (row)
All versions
Configuration U
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Scalance S615 Eec Lan Router Firmware
Before 8.1
Running on/withPlatform Versions
Siemens
Scalance S615 Eec Lan Router
All versions
Configuration V
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Scalance S615 Lan Router Firmware
Before 8.1
Running on/withPlatform Versions
Siemens
Scalance S615 Lan Router
All versions
Configuration W
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Scalance M812 1 (annex A) Firmware
Before 8.1
Running on/withPlatform Versions
Siemens
Scalance M812 1 (annex A)
All versions
Configuration X
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Scalance M812 1 (annex B) Firmware
Before 8.1
Running on/withPlatform Versions
Siemens
Scalance M812 1 (annex B)
All versions
Configuration Y
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Scalance M816 1 (annex A) Firmware
Before 8.1
Running on/withPlatform Versions
Siemens
Scalance M816 1 (annex A)
All versions
Configuration Z
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Scalance M816 1 (annex B) Firmware
Before 8.1
Running on/withPlatform Versions
Siemens
Scalance M816 1 (annex B)
All versions

Related CWEs

CWE-532
Insertion of Sensitive Information into Log File
Information written to log files can be of a sensitive nature and give valuable guidance to an attacker or expose sensitive user information.

References (1)

Source: productcert@siemens.com
Vendor Advisory

Timeline

No history available yet.