Siemens RUGGEDCOM RST2428P Information Exposure Vulnerability

Vulnerability

An information exposure vulnerability has been identified in the Siemens RUGGEDCOM RST2428P switch model (6GK6242-6PA00), affecting all versions. The vulnerability allows an unauthenticated attacker to access certain non-critical device information, potentially leading to a breach of confidentiality.

Impact

Exploitation of this vulnerability could result in unauthorized access to sensitive data, causing a breach of confidentiality.

Remediation

Siemens currently has no fix available for this vulnerability. However, it is recommended to create a firewall rule that blocks the UDP ports used by the device for discovery protocols, such as LLDP, DCP, and MRP, if those ports are not required. Additionally, follow Siemens' operational guidelines for Industrial Security to protect network access to the device.

Added: Sep 9, 2025, 9:24 AM
Updated: Sep 9, 2025, 5:03 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 0.6
exploitability: 4.9
remediation: 0.0
relevance: 0.5
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.