Vulnerabilities related to Siemens - SCALANCE XR326-8
CVE-2025-40568 (GCVE-0-2025-40568)
Vulnerability from cvelistv5
Published
2025-06-10 15:17
Modified
2025-06-10 17:11
Severity
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
5.3 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
CWE
- CWE-863 - Incorrect Authorization
Summary
A vulnerability has been identified in RUGGEDCOM RST2428P (6GK6242-6PA00) (All versions < V3.2), SCALANCE XC316-8 (6GK5324-8TS00-2AC2) (All versions < V3.2), SCALANCE XC324-4 (6GK5328-4TS00-2AC2) (All versions < V3.2), SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2) (All versions < V3.2), SCALANCE XC332 (6GK5332-0GA00-2AC2) (All versions < V3.2), SCALANCE XC416-8 (6GK5424-8TR00-2AC2) (All versions < V3.2), SCALANCE XC424-4 (6GK5428-4TR00-2AC2) (All versions < V3.2), SCALANCE XC432 (6GK5432-0GR00-2AC2) (All versions < V3.2), SCALANCE XCH328 (6GK5328-4TS01-2EC2) (All versions < V3.2), SCALANCE XCM324 (6GK5324-8TS01-2AC2) (All versions < V3.2), SCALANCE XCM328 (6GK5328-4TS01-2AC2) (All versions < V3.2), SCALANCE XCM332 (6GK5332-0GA01-2AC2) (All versions < V3.2), SCALANCE XR302-32 (6GK5334-5TS00-2AR3) (All versions < V3.2), SCALANCE XR302-32 (6GK5334-5TS00-3AR3) (All versions < V3.2), SCALANCE XR302-32 (6GK5334-5TS00-4AR3) (All versions < V3.2), SCALANCE XR322-12 (6GK5334-3TS00-2AR3) (All versions < V3.2), SCALANCE XR322-12 (6GK5334-3TS00-3AR3) (All versions < V3.2), SCALANCE XR322-12 (6GK5334-3TS00-4AR3) (All versions < V3.2), SCALANCE XR326-8 (6GK5334-2TS00-2AR3) (All versions < V3.2), SCALANCE XR326-8 (6GK5334-2TS00-3AR3) (All versions < V3.2), SCALANCE XR326-8 (6GK5334-2TS00-4AR3) (All versions < V3.2), SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3) (All versions < V3.2), SCALANCE XR502-32 (6GK5534-5TR00-2AR3) (All versions < V3.2), SCALANCE XR502-32 (6GK5534-5TR00-3AR3) (All versions < V3.2), SCALANCE XR502-32 (6GK5534-5TR00-4AR3) (All versions < V3.2), SCALANCE XR522-12 (6GK5534-3TR00-2AR3) (All versions < V3.2), SCALANCE XR522-12 (6GK5534-3TR00-3AR3) (All versions < V3.2), SCALANCE XR522-12 (6GK5534-3TR00-4AR3) (All versions < V3.2), SCALANCE XR526-8 (6GK5534-2TR00-2AR3) (All versions < V3.2), SCALANCE XR526-8 (6GK5534-2TR00-3AR3) (All versions < V3.2), SCALANCE XR526-8 (6GK5534-2TR00-4AR3) (All versions < V3.2), SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3) 
(All versions < V3.2), SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3) (All versions < V3.2), SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3) (All versions < V3.2), SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3) (All versions < V3.2), SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3) (All versions < V3.2), SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3) (All versions < V3.2), SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3) (All versions < V3.2), SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3) (All versions < V3.2), SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3) (All versions < V3.2), SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3) (All versions < V3.2). An internal session termination functionality in the web interface of affected products contains an incorrect authorization check vulnerability. This could allow an authenticated remote attacker with "guest" role to terminate legitimate users' sessions.
References
- https://cert-portal.siemens.com/productcert/html/ssa-693776.html
CVE-2025-40569 (GCVE-0-2025-40569)
Vulnerability from cvelistv5
Published
2025-06-10 15:17
Modified
2025-06-10 17:11
Severity
4.8 (Medium) - CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N
5.9 (Medium) - CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
CWE
- CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
Summary
A vulnerability has been identified in RUGGEDCOM RST2428P (6GK6242-6PA00) (All versions < V3.2), SCALANCE XC316-8 (6GK5324-8TS00-2AC2) (All versions < V3.2), SCALANCE XC324-4 (6GK5328-4TS00-2AC2) (All versions < V3.2), SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2) (All versions < V3.2), SCALANCE XC332 (6GK5332-0GA00-2AC2) (All versions < V3.2), SCALANCE XC416-8 (6GK5424-8TR00-2AC2) (All versions < V3.2), SCALANCE XC424-4 (6GK5428-4TR00-2AC2) (All versions < V3.2), SCALANCE XC432 (6GK5432-0GR00-2AC2) (All versions < V3.2), SCALANCE XCH328 (6GK5328-4TS01-2EC2) (All versions < V3.2), SCALANCE XCM324 (6GK5324-8TS01-2AC2) (All versions < V3.2), SCALANCE XCM328 (6GK5328-4TS01-2AC2) (All versions < V3.2), SCALANCE XCM332 (6GK5332-0GA01-2AC2) (All versions < V3.2), SCALANCE XR302-32 (6GK5334-5TS00-2AR3) (All versions < V3.2), SCALANCE XR302-32 (6GK5334-5TS00-3AR3) (All versions < V3.2), SCALANCE XR302-32 (6GK5334-5TS00-4AR3) (All versions < V3.2), SCALANCE XR322-12 (6GK5334-3TS00-2AR3) (All versions < V3.2), SCALANCE XR322-12 (6GK5334-3TS00-3AR3) (All versions < V3.2), SCALANCE XR322-12 (6GK5334-3TS00-4AR3) (All versions < V3.2), SCALANCE XR326-8 (6GK5334-2TS00-2AR3) (All versions < V3.2), SCALANCE XR326-8 (6GK5334-2TS00-3AR3) (All versions < V3.2), SCALANCE XR326-8 (6GK5334-2TS00-4AR3) (All versions < V3.2), SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3) (All versions < V3.2), SCALANCE XR502-32 (6GK5534-5TR00-2AR3) (All versions < V3.2), SCALANCE XR502-32 (6GK5534-5TR00-3AR3) (All versions < V3.2), SCALANCE XR502-32 (6GK5534-5TR00-4AR3) (All versions < V3.2), SCALANCE XR522-12 (6GK5534-3TR00-2AR3) (All versions < V3.2), SCALANCE XR522-12 (6GK5534-3TR00-3AR3) (All versions < V3.2), SCALANCE XR522-12 (6GK5534-3TR00-4AR3) (All versions < V3.2), SCALANCE XR526-8 (6GK5534-2TR00-2AR3) (All versions < V3.2), SCALANCE XR526-8 (6GK5534-2TR00-3AR3) (All versions < V3.2), SCALANCE XR526-8 (6GK5534-2TR00-4AR3) (All versions < V3.2), SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3) 
(All versions < V3.2), SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3) (All versions < V3.2), SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3) (All versions < V3.2), SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3) (All versions < V3.2), SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3) (All versions < V3.2), SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3) (All versions < V3.2), SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3) (All versions < V3.2), SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3) (All versions < V3.2), SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3) (All versions < V3.2), SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3) (All versions < V3.2). The "Load Configuration from Local PC" functionality in the web interface of affected products contains a race condition vulnerability. This could allow an authenticated remote attacker to make the affected product load an attacker controlled configuration instead of the legitimate one. Successful exploitation requires that a legitimate administrator invokes the functionality and the attacker wins the race condition.
References
- https://cert-portal.siemens.com/productcert/html/ssa-693776.html
Impacted products
Vendor | Product | Version
---|---|---
Siemens | RUGGEDCOM RST2428P | 0 < V3.2
CVE-2025-40567 (GCVE-0-2025-40567)
Vulnerability from cvelistv5
Published
2025-06-10 15:17
Modified
2025-06-10 17:11
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
7.1 (High) - CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
CWE
- CWE-863 - Incorrect Authorization
Summary
A vulnerability has been identified in RUGGEDCOM RST2428P (6GK6242-6PA00) (All versions < V3.2), SCALANCE XC316-8 (6GK5324-8TS00-2AC2) (All versions < V3.2), SCALANCE XC324-4 (6GK5328-4TS00-2AC2) (All versions < V3.2), SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2) (All versions < V3.2), SCALANCE XC332 (6GK5332-0GA00-2AC2) (All versions < V3.2), SCALANCE XC416-8 (6GK5424-8TR00-2AC2) (All versions < V3.2), SCALANCE XC424-4 (6GK5428-4TR00-2AC2) (All versions < V3.2), SCALANCE XC432 (6GK5432-0GR00-2AC2) (All versions < V3.2), SCALANCE XCH328 (6GK5328-4TS01-2EC2) (All versions < V3.2), SCALANCE XCM324 (6GK5324-8TS01-2AC2) (All versions < V3.2), SCALANCE XCM328 (6GK5328-4TS01-2AC2) (All versions < V3.2), SCALANCE XCM332 (6GK5332-0GA01-2AC2) (All versions < V3.2), SCALANCE XR302-32 (6GK5334-5TS00-2AR3) (All versions < V3.2), SCALANCE XR302-32 (6GK5334-5TS00-3AR3) (All versions < V3.2), SCALANCE XR302-32 (6GK5334-5TS00-4AR3) (All versions < V3.2), SCALANCE XR322-12 (6GK5334-3TS00-2AR3) (All versions < V3.2), SCALANCE XR322-12 (6GK5334-3TS00-3AR3) (All versions < V3.2), SCALANCE XR322-12 (6GK5334-3TS00-4AR3) (All versions < V3.2), SCALANCE XR326-8 (6GK5334-2TS00-2AR3) (All versions < V3.2), SCALANCE XR326-8 (6GK5334-2TS00-3AR3) (All versions < V3.2), SCALANCE XR326-8 (6GK5334-2TS00-4AR3) (All versions < V3.2), SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3) (All versions < V3.2), SCALANCE XR502-32 (6GK5534-5TR00-2AR3) (All versions < V3.2), SCALANCE XR502-32 (6GK5534-5TR00-3AR3) (All versions < V3.2), SCALANCE XR502-32 (6GK5534-5TR00-4AR3) (All versions < V3.2), SCALANCE XR522-12 (6GK5534-3TR00-2AR3) (All versions < V3.2), SCALANCE XR522-12 (6GK5534-3TR00-3AR3) (All versions < V3.2), SCALANCE XR522-12 (6GK5534-3TR00-4AR3) (All versions < V3.2), SCALANCE XR526-8 (6GK5534-2TR00-2AR3) (All versions < V3.2), SCALANCE XR526-8 (6GK5534-2TR00-3AR3) (All versions < V3.2), SCALANCE XR526-8 (6GK5534-2TR00-4AR3) (All versions < V3.2), SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3) 
(All versions < V3.2), SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3) (All versions < V3.2), SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3) (All versions < V3.2), SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3) (All versions < V3.2), SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3) (All versions < V3.2), SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3) (All versions < V3.2), SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3) (All versions < V3.2), SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3) (All versions < V3.2), SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3) (All versions < V3.2), SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3) (All versions < V3.2). The "Load Rollback" functionality in the web interface of affected products contains an incorrect authorization check vulnerability. This could allow an authenticated remote attacker with "guest" role to make the affected product roll back configuration changes made by privileged users.
References
Impacted products
Vendor | Product | Version
---|---|---
Siemens | RUGGEDCOM RST2428P | Version: 0 < V3.2
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2025-40567", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-06-10T17:11:45.488131Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-06-10T17:11:51.298Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "RUGGEDCOM RST2428P", "vendor": "Siemens", "versions": [ { "lessThan": "V3.2", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XC316-8", "vendor": "Siemens", "versions": [ { "lessThan": "V3.2", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XC324-4", "vendor": "Siemens", "versions": [ { "lessThan": "V3.2", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XC324-4 EEC", "vendor": "Siemens", "versions": [ { "lessThan": "V3.2", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XC332", "vendor": "Siemens", "versions": [ { "lessThan": "V3.2", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XC416-8", "vendor": "Siemens", "versions": [ { "lessThan": "V3.2", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XC424-4", "vendor": "Siemens", "versions": [ { "lessThan": "V3.2", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XC432", "vendor": "Siemens", "versions": [ { "lessThan": "V3.2", "status": "affected", "version": "0", "versionType": 
"custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XCH328", "vendor": "Siemens", "versions": [ { "lessThan": "V3.2", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XCM324", "vendor": "Siemens", "versions": [ { "lessThan": "V3.2", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XCM328", "vendor": "Siemens", "versions": [ { "lessThan": "V3.2", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XCM332", "vendor": "Siemens", "versions": [ { "lessThan": "V3.2", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XR302-32", "vendor": "Siemens", "versions": [ { "lessThan": "V3.2", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XR302-32", "vendor": "Siemens", "versions": [ { "lessThan": "V3.2", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XR302-32", "vendor": "Siemens", "versions": [ { "lessThan": "V3.2", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XR322-12", "vendor": "Siemens", "versions": [ { "lessThan": "V3.2", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XR322-12", "vendor": "Siemens", "versions": [ { "lessThan": "V3.2", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XR322-12", "vendor": "Siemens", "versions": [ { "lessThan": "V3.2", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XR326-8", "vendor": "Siemens", "versions": [ { "lessThan": 
"V3.2", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XR326-8", "vendor": "Siemens", "versions": [ { "lessThan": "V3.2", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XR326-8", "vendor": "Siemens", "versions": [ { "lessThan": "V3.2", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XR326-8 EEC", "vendor": "Siemens", "versions": [ { "lessThan": "V3.2", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XR502-32", "vendor": "Siemens", "versions": [ { "lessThan": "V3.2", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XR502-32", "vendor": "Siemens", "versions": [ { "lessThan": "V3.2", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XR502-32", "vendor": "Siemens", "versions": [ { "lessThan": "V3.2", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XR522-12", "vendor": "Siemens", "versions": [ { "lessThan": "V3.2", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XR522-12", "vendor": "Siemens", "versions": [ { "lessThan": "V3.2", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XR522-12", "vendor": "Siemens", "versions": [ { "lessThan": "V3.2", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XR526-8", "vendor": "Siemens", "versions": [ { "lessThan": "V3.2", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": 
"SCALANCE XR526-8", "vendor": "Siemens", "versions": [ { "lessThan": "V3.2", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XR526-8", "vendor": "Siemens", "versions": [ { "lessThan": "V3.2", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XRH334 (24 V DC, 8xFO, CC)", "vendor": "Siemens", "versions": [ { "lessThan": "V3.2", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XRM334 (230 V AC, 12xFO)", "vendor": "Siemens", "versions": [ { "lessThan": "V3.2", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XRM334 (230 V AC, 8xFO)", "vendor": "Siemens", "versions": [ { "lessThan": "V3.2", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+)", "vendor": "Siemens", "versions": [ { "lessThan": "V3.2", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XRM334 (24 V DC, 12xFO)", "vendor": "Siemens", "versions": [ { "lessThan": "V3.2", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XRM334 (24 V DC, 8xFO)", "vendor": "Siemens", "versions": [ { "lessThan": "V3.2", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+)", "vendor": "Siemens", "versions": [ { "lessThan": "V3.2", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XRM334 (2x230 V AC, 12xFO)", "vendor": "Siemens", "versions": [ { "lessThan": "V3.2", "status": "affected", "version": "0", "versionType": "custom" } ] }, { 
"defaultStatus": "unknown", "product": "SCALANCE XRM334 (2x230 V AC, 8xFO)", "vendor": "Siemens", "versions": [ { "lessThan": "V3.2", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+)", "vendor": "Siemens", "versions": [ { "lessThan": "V3.2", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability has been identified in RUGGEDCOM RST2428P (6GK6242-6PA00) (All versions \u003c V3.2), SCALANCE XC316-8 (6GK5324-8TS00-2AC2) (All versions \u003c V3.2), SCALANCE XC324-4 (6GK5328-4TS00-2AC2) (All versions \u003c V3.2), SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2) (All versions \u003c V3.2), SCALANCE XC332 (6GK5332-0GA00-2AC2) (All versions \u003c V3.2), SCALANCE XC416-8 (6GK5424-8TR00-2AC2) (All versions \u003c V3.2), SCALANCE XC424-4 (6GK5428-4TR00-2AC2) (All versions \u003c V3.2), SCALANCE XC432 (6GK5432-0GR00-2AC2) (All versions \u003c V3.2), SCALANCE XCH328 (6GK5328-4TS01-2EC2) (All versions \u003c V3.2), SCALANCE XCM324 (6GK5324-8TS01-2AC2) (All versions \u003c V3.2), SCALANCE XCM328 (6GK5328-4TS01-2AC2) (All versions \u003c V3.2), SCALANCE XCM332 (6GK5332-0GA01-2AC2) (All versions \u003c V3.2), SCALANCE XR302-32 (6GK5334-5TS00-2AR3) (All versions \u003c V3.2), SCALANCE XR302-32 (6GK5334-5TS00-3AR3) (All versions \u003c V3.2), SCALANCE XR302-32 (6GK5334-5TS00-4AR3) (All versions \u003c V3.2), SCALANCE XR322-12 (6GK5334-3TS00-2AR3) (All versions \u003c V3.2), SCALANCE XR322-12 (6GK5334-3TS00-3AR3) (All versions \u003c V3.2), SCALANCE XR322-12 (6GK5334-3TS00-4AR3) (All versions \u003c V3.2), SCALANCE XR326-8 (6GK5334-2TS00-2AR3) (All versions \u003c V3.2), SCALANCE XR326-8 (6GK5334-2TS00-3AR3) (All versions \u003c V3.2), SCALANCE XR326-8 (6GK5334-2TS00-4AR3) (All versions \u003c V3.2), SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3) (All versions \u003c V3.2), SCALANCE XR502-32 
(6GK5534-5TR00-2AR3) (All versions \u003c V3.2), SCALANCE XR502-32 (6GK5534-5TR00-3AR3) (All versions \u003c V3.2), SCALANCE XR502-32 (6GK5534-5TR00-4AR3) (All versions \u003c V3.2), SCALANCE XR522-12 (6GK5534-3TR00-2AR3) (All versions \u003c V3.2), SCALANCE XR522-12 (6GK5534-3TR00-3AR3) (All versions \u003c V3.2), SCALANCE XR522-12 (6GK5534-3TR00-4AR3) (All versions \u003c V3.2), SCALANCE XR526-8 (6GK5534-2TR00-2AR3) (All versions \u003c V3.2), SCALANCE XR526-8 (6GK5534-2TR00-3AR3) (All versions \u003c V3.2), SCALANCE XR526-8 (6GK5534-2TR00-4AR3) (All versions \u003c V3.2), SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3) (All versions \u003c V3.2), SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3) (All versions \u003c V3.2), SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3) (All versions \u003c V3.2), SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3) (All versions \u003c V3.2), SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3) (All versions \u003c V3.2), SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3) (All versions \u003c V3.2), SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3) (All versions \u003c V3.2), SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3) (All versions \u003c V3.2), SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3) (All versions \u003c V3.2), SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3) (All versions \u003c V3.2). The \"Load Rollback\" functionality in the web interface of affected products contains an incorrect authorization check vulnerability. This could allow an authenticated remote attacker with \"guest\" role to make the affected product roll back configuration changes made by privileged users." 
} ], "metrics": [ { "cvssV3_1": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" } }, { "cvssV4_0": { "baseScore": 7.1, "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N", "version": "4.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-863", "description": "CWE-863: Incorrect Authorization", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-06-10T15:17:28.878Z", "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens" }, "references": [ { "url": "https://cert-portal.siemens.com/productcert/html/ssa-693776.html" } ] } }, "cveMetadata": { "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "assignerShortName": "siemens", "cveId": "CVE-2025-40567", "datePublished": "2025-06-10T15:17:28.878Z", "dateReserved": "2025-04-16T08:20:17.031Z", "dateUpdated": "2025-06-10T17:11:51.298Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2024-41797 (GCVE-0-2024-41797)
Vulnerability from cvelistv5
Published
2025-06-10 15:17
Modified
2025-06-10 17:12
Severity ?
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
5.3 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
CWE
- CWE-269 - Improper Privilege Management
Summary
A vulnerability has been identified in RUGGEDCOM RST2428P (6GK6242-6PA00) (All versions < V3.1), SCALANCE XC316-8 (6GK5324-8TS00-2AC2) (All versions < V3.1), SCALANCE XC324-4 (6GK5328-4TS00-2AC2) (All versions < V3.1), SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2) (All versions < V3.1), SCALANCE XC332 (6GK5332-0GA00-2AC2) (All versions < V3.1), SCALANCE XC416-8 (6GK5424-8TR00-2AC2) (All versions < V3.1), SCALANCE XC424-4 (6GK5428-4TR00-2AC2) (All versions < V3.1), SCALANCE XC432 (6GK5432-0GR00-2AC2) (All versions < V3.1), SCALANCE XCH328 (6GK5328-4TS01-2EC2) (All versions < V3.1), SCALANCE XCM324 (6GK5324-8TS01-2AC2) (All versions < V3.1), SCALANCE XCM328 (6GK5328-4TS01-2AC2) (All versions < V3.1), SCALANCE XCM332 (6GK5332-0GA01-2AC2) (All versions < V3.1), SCALANCE XR302-32 (6GK5334-5TS00-2AR3) (All versions < V3.1), SCALANCE XR302-32 (6GK5334-5TS00-3AR3) (All versions < V3.1), SCALANCE XR302-32 (6GK5334-5TS00-4AR3) (All versions < V3.1), SCALANCE XR322-12 (6GK5334-3TS00-2AR3) (All versions < V3.1), SCALANCE XR322-12 (6GK5334-3TS00-3AR3) (All versions < V3.1), SCALANCE XR322-12 (6GK5334-3TS00-4AR3) (All versions < V3.1), SCALANCE XR326-8 (6GK5334-2TS00-2AR3) (All versions < V3.1), SCALANCE XR326-8 (6GK5334-2TS00-3AR3) (All versions < V3.1), SCALANCE XR326-8 (6GK5334-2TS00-4AR3) (All versions < V3.1), SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3) (All versions < V3.1), SCALANCE XR502-32 (6GK5534-5TR00-2AR3) (All versions < V3.1), SCALANCE XR502-32 (6GK5534-5TR00-3AR3) (All versions < V3.1), SCALANCE XR502-32 (6GK5534-5TR00-4AR3) (All versions < V3.1), SCALANCE XR522-12 (6GK5534-3TR00-2AR3) (All versions < V3.1), SCALANCE XR522-12 (6GK5534-3TR00-3AR3) (All versions < V3.1), SCALANCE XR522-12 (6GK5534-3TR00-4AR3) (All versions < V3.1), SCALANCE XR526-8 (6GK5534-2TR00-2AR3) (All versions < V3.1), SCALANCE XR526-8 (6GK5534-2TR00-3AR3) (All versions < V3.1), SCALANCE XR526-8 (6GK5534-2TR00-4AR3) (All versions < V3.1), SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3) 
(All versions < V3.1), SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3) (All versions < V3.1), SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3) (All versions < V3.1), SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3) (All versions < V3.1), SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3) (All versions < V3.1), SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3) (All versions < V3.1), SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3) (All versions < V3.1), SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3) (All versions < V3.1), SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3) (All versions < V3.1), SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3) (All versions < V3.1). Affected devices contain an incorrect authorization check vulnerability. This could allow an authenticated remote attacker with "guest" role to invoke an internal "do system" command which exceeds their privileges. This command allows the execution of certain low-risk actions, the most critical of which is clearing the local system log.
References
Impacted products
Vendor | Product | Version
---|---|---
Siemens | RUGGEDCOM RST2428P | Version: 0 < V3.1
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-41797", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-06-10T17:12:07.544428Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-06-10T17:12:12.653Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "RUGGEDCOM RST2428P", "vendor": "Siemens", "versions": [ { "lessThan": "V3.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XC316-8", "vendor": "Siemens", "versions": [ { "lessThan": "V3.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XC324-4", "vendor": "Siemens", "versions": [ { "lessThan": "V3.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XC324-4 EEC", "vendor": "Siemens", "versions": [ { "lessThan": "V3.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XC332", "vendor": "Siemens", "versions": [ { "lessThan": "V3.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XC416-8", "vendor": "Siemens", "versions": [ { "lessThan": "V3.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XC424-4", "vendor": "Siemens", "versions": [ { "lessThan": "V3.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XC432", "vendor": "Siemens", "versions": [ { "lessThan": "V3.1", "status": "affected", "version": "0", "versionType": 
"custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XCH328", "vendor": "Siemens", "versions": [ { "lessThan": "V3.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XCM324", "vendor": "Siemens", "versions": [ { "lessThan": "V3.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XCM328", "vendor": "Siemens", "versions": [ { "lessThan": "V3.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XCM332", "vendor": "Siemens", "versions": [ { "lessThan": "V3.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XR302-32", "vendor": "Siemens", "versions": [ { "lessThan": "V3.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XR302-32", "vendor": "Siemens", "versions": [ { "lessThan": "V3.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XR302-32", "vendor": "Siemens", "versions": [ { "lessThan": "V3.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XR322-12", "vendor": "Siemens", "versions": [ { "lessThan": "V3.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XR322-12", "vendor": "Siemens", "versions": [ { "lessThan": "V3.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XR322-12", "vendor": "Siemens", "versions": [ { "lessThan": "V3.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XR326-8", "vendor": "Siemens", "versions": [ { "lessThan": 
"V3.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XR326-8", "vendor": "Siemens", "versions": [ { "lessThan": "V3.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XR326-8", "vendor": "Siemens", "versions": [ { "lessThan": "V3.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XR326-8 EEC", "vendor": "Siemens", "versions": [ { "lessThan": "V3.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XR502-32", "vendor": "Siemens", "versions": [ { "lessThan": "V3.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XR502-32", "vendor": "Siemens", "versions": [ { "lessThan": "V3.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XR502-32", "vendor": "Siemens", "versions": [ { "lessThan": "V3.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XR522-12", "vendor": "Siemens", "versions": [ { "lessThan": "V3.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XR522-12", "vendor": "Siemens", "versions": [ { "lessThan": "V3.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XR522-12", "vendor": "Siemens", "versions": [ { "lessThan": "V3.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XR526-8", "vendor": "Siemens", "versions": [ { "lessThan": "V3.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": 
"SCALANCE XR526-8", "vendor": "Siemens", "versions": [ { "lessThan": "V3.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XR526-8", "vendor": "Siemens", "versions": [ { "lessThan": "V3.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XRH334 (24 V DC, 8xFO, CC)", "vendor": "Siemens", "versions": [ { "lessThan": "V3.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XRM334 (230 V AC, 12xFO)", "vendor": "Siemens", "versions": [ { "lessThan": "V3.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XRM334 (230 V AC, 8xFO)", "vendor": "Siemens", "versions": [ { "lessThan": "V3.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+)", "vendor": "Siemens", "versions": [ { "lessThan": "V3.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XRM334 (24 V DC, 12xFO)", "vendor": "Siemens", "versions": [ { "lessThan": "V3.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XRM334 (24 V DC, 8xFO)", "vendor": "Siemens", "versions": [ { "lessThan": "V3.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+)", "vendor": "Siemens", "versions": [ { "lessThan": "V3.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XRM334 (2x230 V AC, 12xFO)", "vendor": "Siemens", "versions": [ { "lessThan": "V3.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { 
"defaultStatus": "unknown", "product": "SCALANCE XRM334 (2x230 V AC, 8xFO)", "vendor": "Siemens", "versions": [ { "lessThan": "V3.1", "status": "affected", "version": "0", "versionType": "custom" } ] }, { "defaultStatus": "unknown", "product": "SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+)", "vendor": "Siemens", "versions": [ { "lessThan": "V3.1", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability has been identified in RUGGEDCOM RST2428P (6GK6242-6PA00) (All versions \u003c V3.1), SCALANCE XC316-8 (6GK5324-8TS00-2AC2) (All versions \u003c V3.1), SCALANCE XC324-4 (6GK5328-4TS00-2AC2) (All versions \u003c V3.1), SCALANCE XC324-4 EEC (6GK5328-4TS00-2EC2) (All versions \u003c V3.1), SCALANCE XC332 (6GK5332-0GA00-2AC2) (All versions \u003c V3.1), SCALANCE XC416-8 (6GK5424-8TR00-2AC2) (All versions \u003c V3.1), SCALANCE XC424-4 (6GK5428-4TR00-2AC2) (All versions \u003c V3.1), SCALANCE XC432 (6GK5432-0GR00-2AC2) (All versions \u003c V3.1), SCALANCE XCH328 (6GK5328-4TS01-2EC2) (All versions \u003c V3.1), SCALANCE XCM324 (6GK5324-8TS01-2AC2) (All versions \u003c V3.1), SCALANCE XCM328 (6GK5328-4TS01-2AC2) (All versions \u003c V3.1), SCALANCE XCM332 (6GK5332-0GA01-2AC2) (All versions \u003c V3.1), SCALANCE XR302-32 (6GK5334-5TS00-2AR3) (All versions \u003c V3.1), SCALANCE XR302-32 (6GK5334-5TS00-3AR3) (All versions \u003c V3.1), SCALANCE XR302-32 (6GK5334-5TS00-4AR3) (All versions \u003c V3.1), SCALANCE XR322-12 (6GK5334-3TS00-2AR3) (All versions \u003c V3.1), SCALANCE XR322-12 (6GK5334-3TS00-3AR3) (All versions \u003c V3.1), SCALANCE XR322-12 (6GK5334-3TS00-4AR3) (All versions \u003c V3.1), SCALANCE XR326-8 (6GK5334-2TS00-2AR3) (All versions \u003c V3.1), SCALANCE XR326-8 (6GK5334-2TS00-3AR3) (All versions \u003c V3.1), SCALANCE XR326-8 (6GK5334-2TS00-4AR3) (All versions \u003c V3.1), SCALANCE XR326-8 EEC (6GK5334-2TS00-2ER3) (All versions \u003c V3.1), SCALANCE XR502-32 
(6GK5534-5TR00-2AR3) (All versions \u003c V3.1), SCALANCE XR502-32 (6GK5534-5TR00-3AR3) (All versions \u003c V3.1), SCALANCE XR502-32 (6GK5534-5TR00-4AR3) (All versions \u003c V3.1), SCALANCE XR522-12 (6GK5534-3TR00-2AR3) (All versions \u003c V3.1), SCALANCE XR522-12 (6GK5534-3TR00-3AR3) (All versions \u003c V3.1), SCALANCE XR522-12 (6GK5534-3TR00-4AR3) (All versions \u003c V3.1), SCALANCE XR526-8 (6GK5534-2TR00-2AR3) (All versions \u003c V3.1), SCALANCE XR526-8 (6GK5534-2TR00-3AR3) (All versions \u003c V3.1), SCALANCE XR526-8 (6GK5534-2TR00-4AR3) (All versions \u003c V3.1), SCALANCE XRH334 (24 V DC, 8xFO, CC) (6GK5334-2TS01-2ER3) (All versions \u003c V3.1), SCALANCE XRM334 (230 V AC, 12xFO) (6GK5334-3TS01-3AR3) (All versions \u003c V3.1), SCALANCE XRM334 (230 V AC, 8xFO) (6GK5334-2TS01-3AR3) (All versions \u003c V3.1), SCALANCE XRM334 (230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-3AR3) (All versions \u003c V3.1), SCALANCE XRM334 (24 V DC, 12xFO) (6GK5334-3TS01-2AR3) (All versions \u003c V3.1), SCALANCE XRM334 (24 V DC, 8xFO) (6GK5334-2TS01-2AR3) (All versions \u003c V3.1), SCALANCE XRM334 (24V DC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-2AR3) (All versions \u003c V3.1), SCALANCE XRM334 (2x230 V AC, 12xFO) (6GK5334-3TS01-4AR3) (All versions \u003c V3.1), SCALANCE XRM334 (2x230 V AC, 8xFO) (6GK5334-2TS01-4AR3) (All versions \u003c V3.1), SCALANCE XRM334 (2x230V AC, 2x10G, 24xSFP, 8xSFP+) (6GK5334-5TS01-4AR3) (All versions \u003c V3.1). Affected devices contain an incorrect authorization check vulnerability. This could allow an authenticated remote attacker with \"guest\" role to invoke an internal \"do system\" command which exceeds their privileges. This command allows the execution of certain low-risk actions, the most critical of which is clearing the local system log." 
} ], "metrics": [ { "cvssV3_1": { "baseScore": 4.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "version": "3.1" } }, { "cvssV4_0": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N", "version": "4.0" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-269", "description": "CWE-269: Improper Privilege Management", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-06-10T15:17:11.253Z", "orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "shortName": "siemens" }, "references": [ { "url": "https://cert-portal.siemens.com/productcert/html/ssa-633269.html" } ] } }, "cveMetadata": { "assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77", "assignerShortName": "siemens", "cveId": "CVE-2024-41797", "datePublished": "2025-06-10T15:17:11.253Z", "dateReserved": "2024-07-22T13:19:53.377Z", "dateUpdated": "2025-06-10T17:12:12.653Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }