Siemens RUGGEDCOM ROX II Family Arbitrary File Upload Vulnerability

Vulnerability

An arbitrary file upload vulnerability has been identified in the Siemens RUGGEDCOM ROX II family, affecting all versions of the ROX MX5000, ROX MX5000RE, ROX RX1400, ROX RX1500, ROX RX1501, ROX RX1510, ROX RX1511, ROX RX1512, ROX RX1524, ROX RX1536, and ROX RX5000 products. The vulnerability arises because these devices do not adequately restrict the types and sizes of files that can be uploaded via the web interface. This flaw could enable an authenticated remote attacker with high privileges to upload arbitrary files to the device's filesystem.

Impact

Exploitation of this vulnerability could lead to unauthorized file uploads, potentially allowing for further attacks such as remote code execution, depending on the uploaded file's nature and how the device handles it.

Remediation

Siemens is working on a patch for this vulnerability and recommends restricting access to the web interface for highly privileged accounts to authorized, trusted users only. For general security, Siemens advises following its operational guidelines for Industrial Security and consulting the product manuals.

Added: Aug 12, 2025, 12:47 PM
Updated: Aug 12, 2025, 3:07 PM

Vulnerability Rating

Custom Algorithm

spread: 4.5
impact: 2.5
exploitability: 4.4
remediation: 7.9
relevance: 0.4
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.