Siemens RUGGEDCOM RMC8388
0 remedies
cpe:2.3:h:siemens:ruggedcom_rmc8388:*:*:*:*:*:*:*
0 remedies
- < V5.10.0
Siemens RUGGEDCOM Products Interface Access Restriction Vulnerability Allowing Unauthorized SSH Access
Vulnerability
A vulnerability exists in multiple RUGGEDCOM products running versions through 5.10.0. The issue arises because these products do not properly enforce access restrictions when switching from management to non-management interface configurations. This flaw allows an attacker with network access and credentials to access the device through a non-management interface and maintain SSH access until the device is rebooted.
Impact
Exploitation of this vulnerability allows for unauthorized access to the device via non-management interfaces, with the ability to maintain SSH access until the device is rebooted.
Remediation
Users are advised to update to RUGGEDCOM ROS version 5.10.0 or later. For products where a fix is not yet available, Siemens recommends deactivating the SSH server if it is not needed, and restricting access to ports 80/tcp, 443/tcp, and 22/tcp to trusted IP addresses only.
Added: Jul 8, 2025, 12:35 PM
Updated: Jul 8, 2025, 12:35 PM
Vulnerability Rating
Custom Algorithm
spread
4.5impact
7.5exploitability
4.5remediation
7.7relevance
0.2threat
0.0urgency
2.9incentive
1.7Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.