CVE-2024-39675 | Siemens RUGGEDCOM RMC30 prior 4.3.10 Modbus Service unknown vulnerability (ssa-170375)

A vulnerability, which was classified as very critical, was found in Siemens RUGGEDCOM RMC30, RUGGEDCOM RMC30NC, RUGGEDCOM RP110, RUGGEDCOM RP110NC, RUGGEDCOM RS400, RUGGEDCOM RS400NC, RUGGEDCOM RS401, RUGGEDCOM RS401NC, RUGGEDCOM RS416, RUGGEDCOM RS416NC, RUGGEDCOM RS416NCv2 V4.X, RUGGEDCOM RS416NCv2 V5.X, RUGGEDCOM RS416P, RUGGEDCOM RS416PNC, RUGGEDCOM RS416PNCv2 V4.X, RUGGEDCOM RS416PNCv2 V5.X, RUGGEDCOM RS416Pv2 V4.X, RUGGEDCOM RS416Pv2 V5.X, RUGGEDCOM RS416v2 V4.X, RUGGEDCOM RS416v2 V5.X, RUGGEDCOM RS910, RUGGEDCOM RS910L, RUGGEDCOM RS910LNC, RUGGEDCOM RS910NC, RUGGEDCOM RS910W, RUGGEDCOM RS920L, RUGGEDCOM RS920LNC and RUGGEDCOM RS920W. Affected is an unknown function of the component Modbus Service. The manipulation leads to exposure of sensitive system information to an unauthorized control sphere.

This vulnerability is traded as CVE-2024-39675. The attack can only be initiated within the local network. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-39675 | Siemens RUGGEDCOM RMC30 prior 4.3.10 Modbus Service unknown vulnerability (ssa-170375)

Related Posts

CVE-2024-30156 | Varnish Cache/Enterprise HTTP/2 Broke Window Attack control flow

CVE-2023-26009 | Favethemes Houzez Login Register Plugin up to 2.6.3 on WordPress privileges management

CVE-2023-46751 | Artifex Ghostscript up to 10.02.0 gdev_prn_open_printer_seekable denial of service

CVE-2024-3251 | SourceCodester Computer Laboratory Management System 1.0 id sql injection