CVE-2024-37994 | Siemens SIMATIC Reader RF610R CMIIT up to 4.1 Configuration backdoor (ssa-765405)

A vulnerability was found in Siemens SIMATIC Reader RF610R CMIIT, SIMATIC Reader RF610R ETSI, SIMATIC Reader RF610R FCC, SIMATIC Reader RF615R CMIIT, SIMATIC Reader RF615R ETSI, SIMATIC Reader RF615R FCC, SIMATIC Reader RF650R ARIB, SIMATIC Reader RF650R CMIIT, SIMATIC Reader RF650R ETSI, SIMATIC Reader RF650R FCC, SIMATIC Reader RF680R ARIB, SIMATIC Reader RF680R CMIIT, SIMATIC Reader RF680R ETSI, SIMATIC Reader RF680R FCC, SIMATIC Reader RF685R ARIB, SIMATIC Reader RF685R CMIIT, SIMATIC Reader RF685R ETSI, SIMATIC Reader RF685R FCC, SIMATIC RF1140R, SIMATIC RF1170R, SIMATIC RF166C, SIMATIC RF185C, SIMATIC RF186C, SIMATIC RF186CI, SIMATIC RF188C, SIMATIC RF188CI and SIMATIC RF360R up to 4.1. It has been rated as critical. Affected by this issue is some unknown functionality of the component Configuration Handler. The manipulation leads to backdoor.

This vulnerability is handled as CVE-2024-37994. The attack may be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-37994 | Siemens SIMATIC Reader RF610R CMIIT up to 4.1 Configuration backdoor (ssa-765405)

Post correlati

CVE-2024-4337 | Adive Framework 2.0.8 /adive/admin/nav/add cross site scripting

CVE-2024-1993 | Icon Widget Plugin up to 1.3.0 on WordPress Shortcode cross site scripting

CVE-2024-45682 | Millbeck Communications Proroute H685t-w 3.2.334 command injection (icsa-24-261-02)

CVE-2024-35137 | IBM Security Verify Access Docker up to 10.0.7.1 Configuration empty password in configuration file (XFDB-292413)