Siemens RUGGEDCOM ROX MX5000
0 remedies
cpe:2.3:h:siemens:ruggedcom_rox_mx5000:*:*:*:*:*:*:*, +1 more
0 remedies
Siemens RUGGEDCOM ROX II Authentication Bypass Vulnerability in BIST Mode
Vulnerability
An authentication bypass vulnerability has been identified in the Siemens RUGGEDCOM ROX II product family, including the ROX MX5000, ROX MX5000RE, ROX RX1400, ROX RX1500, ROX RX1501, ROX RX1510, ROX RX1511, ROX RX1512, ROX RX1524, ROX RX1536, and ROX RX5000, all versions. The vulnerability arises because these devices do not properly restrict access through their Built-In-Self-Test (BIST) mode. This flaw could enable an attacker with physical access to the serial interface to bypass authentication and gain access to a root shell on the device.
Impact
Exploitation of this vulnerability could lead to unauthorized access to a root shell on the affected device, allowing for full control over the device's functions and settings.
Remediation
Siemens is preparing fixed versions for this vulnerability. For products where fixes are not yet available, specific countermeasures can be found in the Siemens Security Advisory SSA-094954.
Added: Aug 12, 2025, 12:28 PM
Updated: Aug 12, 2025, 2:46 PM
Vulnerability Rating
Custom Algorithm
spread
4.5impact
7.5exploitability
3.5remediation
0.0relevance
0.3threat
0.0urgency
2.9incentive
1.7Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.