Product
high
threat
Siemens RUGGEDCOM ROX Devices Vulnerable to Remote Code Execution via Feature Key Injection (CVE-2025-40947)
2 rules 1 TTP 1 CVECVE-2025-40947 describes a vulnerability in Siemens RUGGEDCOM ROX devices that allows authenticated remote attackers to inject arbitrary commands via a maliciously crafted feature key, resulting in remote code execution with root privileges.
RUGGEDCOM ROX MX5000 +10
cve
rce
siemens
ruggedcom
ics
2r
1t
1c
critical
advisory
CVE-2025-40949 - Siemens RUGGEDCOM ROX Web UI Command Injection
2 rules 1 TTP 1 CVEAn authenticated remote command injection vulnerability exists in the web UI scheduler functionality of multiple RUGGEDCOM ROX devices before V2.17.1, allowing arbitrary command execution with root privileges.
RUGGEDCOM ROX MX5000 +10
command-injection
rce
ruggedcom
2r
1t
1c