CVE-2024-41978 | Siemens RUGGEDCOM RM1224 LTE(4G) EU up to 8.0 2FA Token log file (ssa-087301)

A vulnerability was found in Siemens RUGGEDCOM RM1224 LTE(4G) EU, RUGGEDCOM RM1224 LTE(4G) NAM, SCALANCE M804PB, SCALANCE M812-1 ADSL-Router family, SCALANCE M816-1 ADSL-Router family, SCALANCE M826-2 SHDSL-Router, SCALANCE M874-2, SCALANCE M874-3, SCALANCE M874-3 3G-Router (CN), SCALANCE M876-3, SCALANCE M876-3 (ROK), SCALANCE M876-4, SCALANCE M876-4 (EU), SCALANCE M876-4 (NAM), SCALANCE MUM853-1 (A1), SCALANCE MUM853-1 (B1), SCALANCE MUM853-1 (EU), SCALANCE MUM856-1 (A1), SCALANCE MUM856-1 (B1), SCALANCE MUM856-1 (CN), SCALANCE MUM856-1 (EU), SCALANCE MUM856-1 (RoW), SCALANCE S615 EEC LAN-Router and SCALANCE S615 LAN-Router up to 8.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the component 2FA Token Handler. The manipulation leads to sensitive information in log files.

This vulnerability is handled as CVE-2024-41978. The attack may be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-41978 | Siemens RUGGEDCOM RM1224 LTE(4G) EU up to 8.0 2FA Token log file (ssa-087301)

Post correlati

CVE-2024-38877 | Siemens Omnivise T3000 Application Server cleartext storage (ssa-857368)

CVE-2024-8348 | SourceCodester Computer Laboratory Management System 1.0 Master.php delete_category id sql injection

CVE-2024-43816 | Linux Kernel up to 6.10.2 scsi lpfc_prep_embed_io sge_len null pointer dereference (9fd003f344d5/8bc7c617642d)

CVE-2024-9289 | RedefiningTheWeb WordPress & WooCommerce Affiliate Program Plugin up to 8.4.1 on WordPress rtwwwap_login_request_callback authentication bypass