9.8
CRITICAL
CVE-2023-24845
RUGGEDCOM Mirroring Port Forwarding Vulnerability
Description

A vulnerability has been identified in RUGGEDCOM i800, RUGGEDCOM i800NC, RUGGEDCOM i801, RUGGEDCOM i801NC, RUGGEDCOM i802, RUGGEDCOM i802NC, RUGGEDCOM i803, RUGGEDCOM i803NC, RUGGEDCOM M2100, RUGGEDCOM M2100F, RUGGEDCOM M2100NC, RUGGEDCOM M2200, RUGGEDCOM M2200F, RUGGEDCOM M2200NC, RUGGEDCOM M969, RUGGEDCOM M969F, RUGGEDCOM M969NC, RUGGEDCOM RMC30, RUGGEDCOM RMC30NC, RUGGEDCOM RMC8388 V4.X, RUGGEDCOM RMC8388 V5.X, RUGGEDCOM RMC8388NC V4.X, RUGGEDCOM RMC8388NC V5.X, RUGGEDCOM RP110, RUGGEDCOM RP110NC, RUGGEDCOM RS1600, RUGGEDCOM RS1600F, RUGGEDCOM RS1600FNC, RUGGEDCOM RS1600NC, RUGGEDCOM RS1600T, RUGGEDCOM RS1600TNC, RUGGEDCOM RS400, RUGGEDCOM RS400F, RUGGEDCOM RS400NC, RUGGEDCOM RS401, RUGGEDCOM RS401NC, RUGGEDCOM RS416, RUGGEDCOM RS416F, RUGGEDCOM RS416NC, RUGGEDCOM RS416NCv2 V4.X, RUGGEDCOM RS416NCv2 V5.X, RUGGEDCOM RS416P, RUGGEDCOM RS416PF, RUGGEDCOM RS416PNC, RUGGEDCOM RS416PNCv2 V4.X, RUGGEDCOM RS416PNCv2 V5.X, RUGGEDCOM RS416Pv2 V4.X, RUGGEDCOM RS416Pv2 V5.X, RUGGEDCOM RS416v2 V4.X, RUGGEDCOM RS416v2 V5.X, RUGGEDCOM RS8000, RUGGEDCOM RS8000A, RUGGEDCOM RS8000ANC, RUGGEDCOM RS8000H, RUGGEDCOM RS8000HNC, RUGGEDCOM RS8000NC, RUGGEDCOM RS8000T, RUGGEDCOM RS8000TNC, RUGGEDCOM RS900, RUGGEDCOM RS900, RUGGEDCOM RS900 (32M) V4.X, RUGGEDCOM RS900 (32M) V5.X, RUGGEDCOM RS900F, RUGGEDCOM RS900G, RUGGEDCOM RS900G (32M) V4.X, RUGGEDCOM RS900G (32M) V5.X, RUGGEDCOM RS900GF, RUGGEDCOM RS900GNC, RUGGEDCOM RS900GNC(32M) V4.X, RUGGEDCOM RS900GNC(32M) V5.X, RUGGEDCOM RS900GP, RUGGEDCOM RS900GPF, RUGGEDCOM RS900GPNC, RUGGEDCOM RS900L, RUGGEDCOM RS900L, RUGGEDCOM RS900LNC, RUGGEDCOM RS900LNC, RUGGEDCOM RS900M-GETS-C01, RUGGEDCOM RS900M-GETS-XX, RUGGEDCOM RS900M-STND-C01, RUGGEDCOM RS900M-STND-XX, RUGGEDCOM RS900MNC-GETS-C01, RUGGEDCOM RS900MNC-GETS-XX, RUGGEDCOM RS900MNC-STND-XX, RUGGEDCOM RS900MNC-STND-XX-C01, RUGGEDCOM RS900NC, RUGGEDCOM RS900NC, RUGGEDCOM RS900NC(32M) V4.X, RUGGEDCOM RS900NC(32M) V5.X, RUGGEDCOM RS900W, RUGGEDCOM RS910, RUGGEDCOM RS910L, RUGGEDCOM RS910LNC, RUGGEDCOM RS910NC, RUGGEDCOM RS910W, RUGGEDCOM RS920L, RUGGEDCOM RS920LNC, RUGGEDCOM RS920W, RUGGEDCOM RS930L, RUGGEDCOM RS930LNC, RUGGEDCOM RS930W, RUGGEDCOM RS940G, RUGGEDCOM RS940GF, RUGGEDCOM RS940GNC, RUGGEDCOM RS969, RUGGEDCOM RS969NC, RUGGEDCOM RSG2100, RUGGEDCOM RSG2100 (32M) V4.X, RUGGEDCOM RSG2100 (32M) V5.X, RUGGEDCOM RSG2100F, RUGGEDCOM RSG2100NC, RUGGEDCOM RSG2100NC(32M) V4.X, RUGGEDCOM RSG2100NC(32M) V5.X, RUGGEDCOM RSG2100P, RUGGEDCOM RSG2100PF, RUGGEDCOM RSG2100PNC, RUGGEDCOM RSG2200, RUGGEDCOM RSG2200F, RUGGEDCOM RSG2200NC, RUGGEDCOM RSG2288 V4.X, RUGGEDCOM RSG2288 V5.X, RUGGEDCOM RSG2288NC V4.X, RUGGEDCOM RSG2288NC V5.X, RUGGEDCOM RSG2300 V4.X, RUGGEDCOM RSG2300 V5.X, RUGGEDCOM RSG2300F, RUGGEDCOM RSG2300NC V4.X, RUGGEDCOM RSG2300NC V5.X, RUGGEDCOM RSG2300P V4.X, RUGGEDCOM RSG2300P V5.X, RUGGEDCOM RSG2300PF, RUGGEDCOM RSG2300PNC V4.X, RUGGEDCOM RSG2300PNC V5.X, RUGGEDCOM RSG2488 V4.X, RUGGEDCOM RSG2488 V5.X, RUGGEDCOM RSG2488F, RUGGEDCOM RSG2488NC V4.X, RUGGEDCOM RSG2488NC V5.X, RUGGEDCOM RSG907R, RUGGEDCOM RSG908C, RUGGEDCOM RSG909R, RUGGEDCOM RSG910C, RUGGEDCOM RSG920P V4.X, RUGGEDCOM RSG920P V5.X, RUGGEDCOM RSG920PNC V4.X, RUGGEDCOM RSG920PNC V5.X, RUGGEDCOM RSL910, RUGGEDCOM RSL910NC, RUGGEDCOM RST2228, RUGGEDCOM RST2228P, RUGGEDCOM RST916C, RUGGEDCOM RST916P. The affected products insufficiently block data from being forwarded over the mirror port into the mirrored network. An attacker could use this behavior to transmit malicious packets to systems in the mirrored network, possibly influencing their configuration and runtime behavior.

INFO

Published Date :

Aug. 8, 2023, 10:15 a.m.

Last Modified :

Nov. 21, 2024, 7:48 a.m.

Remotely Exploitable :

Yes !

Impact Score :

5.9

Exploitability Score :

3.9
Affected Products

The following products are affected by CVE-2023-24845 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID Vendor Product Action
1 Siemens ruggedcom_ros
2 Siemens ruggedcom_rsg2488
3 Siemens ruggedcom_rsl910
4 Siemens ruggedcom_i800
5 Siemens ruggedcom_i801
6 Siemens ruggedcom_i802
7 Siemens ruggedcom_i803
8 Siemens ruggedcom_m969
9 Siemens ruggedcom_m2100
10 Siemens ruggedcom_m2200
11 Siemens ruggedcom_rmc30
12 Siemens ruggedcom_rmc8388
13 Siemens ruggedcom_rp110
14 Siemens ruggedcom_rs400
15 Siemens ruggedcom_rs401
16 Siemens ruggedcom_rs416
17 Siemens ruggedcom_rs416v2
18 Siemens ruggedcom_rs900
19 Siemens ruggedcom_rs900g
20 Siemens ruggedcom_rs900gp
21 Siemens ruggedcom_rs900l
22 Siemens ruggedcom_rs900w
23 Siemens ruggedcom_rs910
24 Siemens ruggedcom_rs910l
25 Siemens ruggedcom_rs910w
26 Siemens ruggedcom_rs920l
27 Siemens ruggedcom_rs920w
28 Siemens ruggedcom_rs930l
29 Siemens ruggedcom_rs930w
30 Siemens ruggedcom_rs940g
31 Siemens ruggedcom_rs969
32 Siemens ruggedcom_rs8000
33 Siemens ruggedcom_rs8000a
34 Siemens ruggedcom_rs8000h
35 Siemens ruggedcom_rs8000t
36 Siemens ruggedcom_rsg920p
37 Siemens ruggedcom_rsg2100
38 Siemens ruggedcom_rsg2100p
39 Siemens ruggedcom_rsg2200
40 Siemens ruggedcom_rsg2288
41 Siemens ruggedcom_rsg2300
42 Siemens ruggedcom_rsg2300p
43 Siemens ruggedcom_rst916c
44 Siemens ruggedcom_rst916p
45 Siemens ruggedcom_rst2228
46 Siemens ruggedcom_rsg907r
47 Siemens ruggedcom_rsg908c
48 Siemens ruggedcom_rsg909r
49 Siemens ruggedcom_rsg910c
50 Siemens ruggedcom_rst2228p
51 Siemens ruggedcom_rs900_\(32m\)
52 Siemens ruggedcom_rs900g_\(32m\)
53 Siemens ruggedcom_rsg2100_\(32m\)
54 Siemens ruggedcom_rs416pv2
55 Siemens ruggedcom_i800nc
56 Siemens ruggedcom_i801nc
57 Siemens ruggedcom_i802nc
58 Siemens ruggedcom_i803nc
59 Siemens ruggedcom_m2100nc
60 Siemens ruggedcom_m2200nc
61 Siemens ruggedcom_m969nc
62 Siemens ruggedcom_rmc30nc
63 Siemens ruggedcom_rp110nc
64 Siemens ruggedcom_rs1600
65 Siemens ruggedcom_rs1600f
66 Siemens ruggedcom_rs1600fnc
67 Siemens ruggedcom_rs1600nc
68 Siemens ruggedcom_rs1600t
69 Siemens ruggedcom_rs1600tnc
70 Siemens ruggedcom_rs400nc
71 Siemens ruggedcom_rs401nc
72 Siemens ruggedcom_rs416nc
73 Siemens ruggedcom_rs416p
74 Siemens ruggedcom_rs416pnc
75 Siemens ruggedcom_rs8000anc
76 Siemens ruggedcom_rs8000hnc
77 Siemens ruggedcom_rs8000nc
78 Siemens ruggedcom_rs8000tnc
79 Siemens ruggedcom_rs900gnc
80 Siemens ruggedcom_rs900gpnc
81 Siemens ruggedcom_rs900lnc
82 Siemens ruggedcom_rs900m-gets-c01
83 Siemens ruggedcom_rs900m-gets-xx
84 Siemens ruggedcom_rs900m-stnd-c01
85 Siemens ruggedcom_rs900m-stnd-xx
86 Siemens ruggedcom_rs900mnc-gets-c01
87 Siemens ruggedcom_rs900mnc-gets-xx
88 Siemens ruggedcom_rs900mnc-stnd-xx
89 Siemens ruggedcom_rs900mnc-stnd-xx-c01
90 Siemens ruggedcom_rs900nc
91 Siemens ruggedcom_rs910lnc
92 Siemens ruggedcom_rs910nc
93 Siemens ruggedcom_rs920lnc
94 Siemens ruggedcom_rs930lnc
95 Siemens ruggedcom_rs940gnc
96 Siemens ruggedcom_rs969nc
97 Siemens ruggedcom_rsg2100nc
98 Siemens ruggedcom_rsg2100pnc
99 Siemens ruggedcom_rsg2200nc
100 Siemens ruggedcom_rmc8388nc
101 Siemens ruggedcom_rs900gnc\(32m\)
102 Siemens ruggedcom_rs900nc\(32m\)
103 Siemens ruggedcom_rsg2100nc\(32m\)
104 Siemens ruggedcom_rsg2288nc
105 Siemens ruggedcom_rsg2300nc
106 Siemens ruggedcom_rsg2300pnc
107 Siemens ruggedcom_rsg2488nc
108 Siemens ruggedcom_rsg920pnc
109 Siemens ruggedcom_m2100f
110 Siemens ruggedcom_m2200f
111 Siemens ruggedcom_m969f
112 Siemens ruggedcom_rs400f
113 Siemens ruggedcom_rs416f
114 Siemens ruggedcom_rs416nc_v2
115 Siemens ruggedcom_rs416pf
116 Siemens ruggedcom_rs416pnc_v2
117 Siemens ruggedcom_rs900f
118 Siemens ruggedcom_rs900gf
119 Siemens ruggedcom_rs900gpf
120 Siemens ruggedcom_rs940gf
121 Siemens ruggedcom_rsg2100f
122 Siemens ruggedcom_rsg2100pf
123 Siemens ruggedcom_rsg2200f
124 Siemens ruggedcom_rsg2300f
125 Siemens ruggedcom_rsg2300pf
126 Siemens ruggedcom_rsg2488f
127 Siemens ruggedcom_rsl910nc
References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2023-24845.

URL Resource
https://cert-portal.siemens.com/productcert/pdf/ssa-908185.pdf Mitigation Vendor Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-908185.pdf Mitigation Vendor Advisory

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2023-24845 vulnerability anywhere in the article.

The following table lists the changes that have been made to the CVE-2023-24845 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • CVE Modified by af854a3a-2127-422b-91ae-364da2661108

    Nov. 21, 2024

    Action Type Old Value New Value
    Added Reference https://cert-portal.siemens.com/productcert/pdf/ssa-908185.pdf
  • CVE Modified by [email protected]

    May. 14, 2024

    Action Type Old Value New Value
  • CVE Modified by [email protected]

    Nov. 14, 2023

    Action Type Old Value New Value
    Changed Description A vulnerability has been identified in RUGGEDCOM i800, RUGGEDCOM i800NC, RUGGEDCOM i801, RUGGEDCOM i801NC, RUGGEDCOM i802, RUGGEDCOM i802NC, RUGGEDCOM i803, RUGGEDCOM i803NC, RUGGEDCOM M2100, RUGGEDCOM M2100F, RUGGEDCOM M2100NC, RUGGEDCOM M2200, RUGGEDCOM M2200F, RUGGEDCOM M2200NC, RUGGEDCOM M969, RUGGEDCOM M969F, RUGGEDCOM M969NC, RUGGEDCOM RMC30, RUGGEDCOM RMC30NC, RUGGEDCOM RMC8388 V4.X, RUGGEDCOM RMC8388 V5.X, RUGGEDCOM RMC8388NC V4.X, RUGGEDCOM RMC8388NC V5.X, RUGGEDCOM RP110, RUGGEDCOM RP110NC, RUGGEDCOM RS1600, RUGGEDCOM RS1600F, RUGGEDCOM RS1600FNC, RUGGEDCOM RS1600NC, RUGGEDCOM RS1600T, RUGGEDCOM RS1600TNC, RUGGEDCOM RS400, RUGGEDCOM RS400F, RUGGEDCOM RS400NC, RUGGEDCOM RS401, RUGGEDCOM RS401NC, RUGGEDCOM RS416, RUGGEDCOM RS416F, RUGGEDCOM RS416NC, RUGGEDCOM RS416NC v2, RUGGEDCOM RS416P, RUGGEDCOM RS416PF, RUGGEDCOM RS416PNC, RUGGEDCOM RS416PNC v2, RUGGEDCOM RS416Pv2, RUGGEDCOM RS416v2, RUGGEDCOM RS8000, RUGGEDCOM RS8000A, RUGGEDCOM RS8000ANC, RUGGEDCOM RS8000H, RUGGEDCOM RS8000HNC, RUGGEDCOM RS8000NC, RUGGEDCOM RS8000T, RUGGEDCOM RS8000TNC, RUGGEDCOM RS900, RUGGEDCOM RS900, RUGGEDCOM RS900 (32M) V4.X, RUGGEDCOM RS900 (32M) V5.X, RUGGEDCOM RS900F, RUGGEDCOM RS900G, RUGGEDCOM RS900G (32M) V4.X, RUGGEDCOM RS900G (32M) V5.X, RUGGEDCOM RS900GF, RUGGEDCOM RS900GNC, RUGGEDCOM RS900GNC(32M) V4.X, RUGGEDCOM RS900GNC(32M) V5.X, RUGGEDCOM RS900GP, RUGGEDCOM RS900GPF, RUGGEDCOM RS900GPNC, RUGGEDCOM RS900L, RUGGEDCOM RS900L, RUGGEDCOM RS900LNC, RUGGEDCOM RS900LNC, RUGGEDCOM RS900M-GETS-C01, RUGGEDCOM RS900M-GETS-XX, RUGGEDCOM RS900M-STND-C01, RUGGEDCOM RS900M-STND-XX, RUGGEDCOM RS900MNC-GETS-C01, RUGGEDCOM RS900MNC-GETS-XX, RUGGEDCOM RS900MNC-STND-XX, RUGGEDCOM RS900MNC-STND-XX-C01, RUGGEDCOM RS900NC, RUGGEDCOM RS900NC, RUGGEDCOM RS900NC(32M) V4.X, RUGGEDCOM RS900NC(32M) V5.X, RUGGEDCOM RS900W, RUGGEDCOM RS910, RUGGEDCOM RS910L, RUGGEDCOM RS910LNC, RUGGEDCOM RS910NC, RUGGEDCOM RS910W, RUGGEDCOM RS920L, RUGGEDCOM RS920LNC, RUGGEDCOM RS920W, RUGGEDCOM RS930L, RUGGEDCOM RS930LNC, RUGGEDCOM RS930W, RUGGEDCOM RS940G, RUGGEDCOM RS940GF, RUGGEDCOM RS940GNC, RUGGEDCOM RS969, RUGGEDCOM RS969NC, RUGGEDCOM RSG2100, RUGGEDCOM RSG2100 (32M) V4.X, RUGGEDCOM RSG2100 (32M) V5.X, RUGGEDCOM RSG2100F, RUGGEDCOM RSG2100NC, RUGGEDCOM RSG2100NC(32M) V4.X, RUGGEDCOM RSG2100NC(32M) V5.X, RUGGEDCOM RSG2100P, RUGGEDCOM RSG2100PF, RUGGEDCOM RSG2100PNC, RUGGEDCOM RSG2200, RUGGEDCOM RSG2200F, RUGGEDCOM RSG2200NC, RUGGEDCOM RSG2288 V4.X, RUGGEDCOM RSG2288 V5.X, RUGGEDCOM RSG2288NC V4.X, RUGGEDCOM RSG2288NC V5.X, RUGGEDCOM RSG2300 V4.X, RUGGEDCOM RSG2300 V5.X, RUGGEDCOM RSG2300F, RUGGEDCOM RSG2300NC V4.X, RUGGEDCOM RSG2300NC V5.X, RUGGEDCOM RSG2300P V4.X, RUGGEDCOM RSG2300P V5.X, RUGGEDCOM RSG2300PF, RUGGEDCOM RSG2300PNC V4.X, RUGGEDCOM RSG2300PNC V5.X, RUGGEDCOM RSG2488 V4.X, RUGGEDCOM RSG2488 V5.X, RUGGEDCOM RSG2488F, RUGGEDCOM RSG2488NC V4.X, RUGGEDCOM RSG2488NC V5.X, RUGGEDCOM RSG907R, RUGGEDCOM RSG908C, RUGGEDCOM RSG909R, RUGGEDCOM RSG910C, RUGGEDCOM RSG920P V4.X, RUGGEDCOM RSG920P V5.X, RUGGEDCOM RSG920PNC V4.X, RUGGEDCOM RSG920PNC V5.X, RUGGEDCOM RSL910, RUGGEDCOM RSL910NC, RUGGEDCOM RST2228, RUGGEDCOM RST2228P, RUGGEDCOM RST916C, RUGGEDCOM RST916P. The affected products insufficiently block data from being forwarded over the mirror port into the mirrored network. An attacker could use this behavior to transmit malicious packets to systems in the mirrored network, possibly influencing their configuration and runtime behavior. A vulnerability has been identified in RUGGEDCOM i800, RUGGEDCOM i800NC, RUGGEDCOM i801, RUGGEDCOM i801NC, RUGGEDCOM i802, RUGGEDCOM i802NC, RUGGEDCOM i803, RUGGEDCOM i803NC, RUGGEDCOM M2100, RUGGEDCOM M2100F, RUGGEDCOM M2100NC, RUGGEDCOM M2200, RUGGEDCOM M2200F, RUGGEDCOM M2200NC, RUGGEDCOM M969, RUGGEDCOM M969F, RUGGEDCOM M969NC, RUGGEDCOM RMC30, RUGGEDCOM RMC30NC, RUGGEDCOM RMC8388 V4.X, RUGGEDCOM RMC8388 V5.X, RUGGEDCOM RMC8388NC V4.X, RUGGEDCOM RMC8388NC V5.X, RUGGEDCOM RP110, RUGGEDCOM RP110NC, RUGGEDCOM RS1600, RUGGEDCOM RS1600F, RUGGEDCOM RS1600FNC, RUGGEDCOM RS1600NC, RUGGEDCOM RS1600T, RUGGEDCOM RS1600TNC, RUGGEDCOM RS400, RUGGEDCOM RS400F, RUGGEDCOM RS400NC, RUGGEDCOM RS401, RUGGEDCOM RS401NC, RUGGEDCOM RS416, RUGGEDCOM RS416F, RUGGEDCOM RS416NC, RUGGEDCOM RS416NCv2 V4.X, RUGGEDCOM RS416NCv2 V5.X, RUGGEDCOM RS416P, RUGGEDCOM RS416PF, RUGGEDCOM RS416PNC, RUGGEDCOM RS416PNCv2 V4.X, RUGGEDCOM RS416PNCv2 V5.X, RUGGEDCOM RS416Pv2 V4.X, RUGGEDCOM RS416Pv2 V5.X, RUGGEDCOM RS416v2 V4.X, RUGGEDCOM RS416v2 V5.X, RUGGEDCOM RS8000, RUGGEDCOM RS8000A, RUGGEDCOM RS8000ANC, RUGGEDCOM RS8000H, RUGGEDCOM RS8000HNC, RUGGEDCOM RS8000NC, RUGGEDCOM RS8000T, RUGGEDCOM RS8000TNC, RUGGEDCOM RS900, RUGGEDCOM RS900, RUGGEDCOM RS900 (32M) V4.X, RUGGEDCOM RS900 (32M) V5.X, RUGGEDCOM RS900F, RUGGEDCOM RS900G, RUGGEDCOM RS900G (32M) V4.X, RUGGEDCOM RS900G (32M) V5.X, RUGGEDCOM RS900GF, RUGGEDCOM RS900GNC, RUGGEDCOM RS900GNC(32M) V4.X, RUGGEDCOM RS900GNC(32M) V5.X, RUGGEDCOM RS900GP, RUGGEDCOM RS900GPF, RUGGEDCOM RS900GPNC, RUGGEDCOM RS900L, RUGGEDCOM RS900L, RUGGEDCOM RS900LNC, RUGGEDCOM RS900LNC, RUGGEDCOM RS900M-GETS-C01, RUGGEDCOM RS900M-GETS-XX, RUGGEDCOM RS900M-STND-C01, RUGGEDCOM RS900M-STND-XX, RUGGEDCOM RS900MNC-GETS-C01, RUGGEDCOM RS900MNC-GETS-XX, RUGGEDCOM RS900MNC-STND-XX, RUGGEDCOM RS900MNC-STND-XX-C01, RUGGEDCOM RS900NC, RUGGEDCOM RS900NC, RUGGEDCOM RS900NC(32M) V4.X, RUGGEDCOM RS900NC(32M) V5.X, RUGGEDCOM RS900W, RUGGEDCOM RS910, RUGGEDCOM RS910L, RUGGEDCOM RS910LNC, RUGGEDCOM RS910NC, RUGGEDCOM RS910W, RUGGEDCOM RS920L, RUGGEDCOM RS920LNC, RUGGEDCOM RS920W, RUGGEDCOM RS930L, RUGGEDCOM RS930LNC, RUGGEDCOM RS930W, RUGGEDCOM RS940G, RUGGEDCOM RS940GF, RUGGEDCOM RS940GNC, RUGGEDCOM RS969, RUGGEDCOM RS969NC, RUGGEDCOM RSG2100, RUGGEDCOM RSG2100 (32M) V4.X, RUGGEDCOM RSG2100 (32M) V5.X, RUGGEDCOM RSG2100F, RUGGEDCOM RSG2100NC, RUGGEDCOM RSG2100NC(32M) V4.X, RUGGEDCOM RSG2100NC(32M) V5.X, RUGGEDCOM RSG2100P, RUGGEDCOM RSG2100PF, RUGGEDCOM RSG2100PNC, RUGGEDCOM RSG2200, RUGGEDCOM RSG2200F, RUGGEDCOM RSG2200NC, RUGGEDCOM RSG2288 V4.X, RUGGEDCOM RSG2288 V5.X, RUGGEDCOM RSG2288NC V4.X, RUGGEDCOM RSG2288NC V5.X, RUGGEDCOM RSG2300 V4.X, RUGGEDCOM RSG2300 V5.X, RUGGEDCOM RSG2300F, RUGGEDCOM RSG2300NC V4.X, RUGGEDCOM RSG2300NC V5.X, RUGGEDCOM RSG2300P V4.X, RUGGEDCOM RSG2300P V5.X, RUGGEDCOM RSG2300PF, RUGGEDCOM RSG2300PNC V4.X, RUGGEDCOM RSG2300PNC V5.X, RUGGEDCOM RSG2488 V4.X, RUGGEDCOM RSG2488 V5.X, RUGGEDCOM RSG2488F, RUGGEDCOM RSG2488NC V4.X, RUGGEDCOM RSG2488NC V5.X, RUGGEDCOM RSG907R, RUGGEDCOM RSG908C, RUGGEDCOM RSG909R, RUGGEDCOM RSG910C, RUGGEDCOM RSG920P V4.X, RUGGEDCOM RSG920P V5.X, RUGGEDCOM RSG920PNC V4.X, RUGGEDCOM RSG920PNC V5.X, RUGGEDCOM RSL910, RUGGEDCOM RSL910NC, RUGGEDCOM RST2228, RUGGEDCOM RST2228P, RUGGEDCOM RST916C, RUGGEDCOM RST916P. The affected products insufficiently block data from being forwarded over the mirror port into the mirrored network. An attacker could use this behavior to transmit malicious packets to systems in the mirrored network, possibly influencing their configuration and runtime behavior.
  • Initial Analysis by [email protected]

    Aug. 17, 2023

    Action Type Old Value New Value
    Added CVSS V3.1 NIST AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    Changed Reference Type https://cert-portal.siemens.com/productcert/pdf/ssa-908185.pdf No Types Assigned https://cert-portal.siemens.com/productcert/pdf/ssa-908185.pdf Mitigation, Vendor Advisory
    Added CWE NIST NVD-CWE-Other
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:ruggedcom_ros:*:*:*:*:*:*:*:* versions up to (excluding) 4.3.8 OR cpe:2.3:h:siemens:ruggedcom_i800:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_i800nc:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_i801:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_i801nc:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_i802:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_i802nc:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_i803:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_i803nc:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_m2100:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_m2100nc:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_m2200:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_m2200nc:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_m969:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_m969nc:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rmc30:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rmc30nc:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rp110:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rp110nc:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rs1600:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rs1600f:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rs1600fnc:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rs1600nc:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rs1600t:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rs1600tnc:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rs400:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rs400nc:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rs401:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rs401nc:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rs416:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rs416nc:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rs416p:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rs416pnc:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rs8000:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rs8000a:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rs8000anc:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rs8000h:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rs8000hnc:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rs8000nc:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rs8000t:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rs8000tnc:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rs900:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rs900g:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rs900gnc:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rs900gp:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rs900gpnc:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rs900l:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rs900lnc:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rs900m-gets-c01:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rs900m-gets-xx:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rs900m-stnd-c01:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rs900m-stnd-xx:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rs900mnc-gets-c01:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rs900mnc-gets-xx:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rs900mnc-stnd-xx:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rs900mnc-stnd-xx-c01:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rs900nc:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rs900w:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rs910:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rs910l:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rs910lnc:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rs910nc:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rs910w:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rs920l:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rs920lnc:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rs920w:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rs930l:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rs930lnc:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rs930w:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rs940g:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rs940gnc:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rs969:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rs969nc:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rsg2100:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rsg2100nc:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rsg2100p:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rsg2100pnc:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rsg2200:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rsg2200nc:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:ruggedcom_ros:*:*:*:*:*:*:*:* versions from (including) 4.0.0 up to (excluding) 4.3.8 OR cpe:2.3:h:siemens:ruggedcom_rmc8388:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rmc8388nc:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rs900_\(32m\):-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rs900g_\(32m\):-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rs900gnc\(32m\):-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rs900nc\(32m\):-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rsg2100_\(32m\):-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rsg2100nc\(32m\):-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rsg2288:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rsg2288nc:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rsg2300:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rsg2300nc:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rsg2300p:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rsg2300pnc:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rsg2488:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rsg2488nc:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rsg920p:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rsg920pnc:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:ruggedcom_ros:*:*:*:*:*:*:*:* versions from (including) 5.0.0 OR cpe:2.3:h:siemens:ruggedcom_rmc8388:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rmc8388nc:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rs900_\(32m\):-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rs900g_\(32m\):-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rs900gnc\(32m\):-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rs900nc\(32m\):-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rsg2100_\(32m\):-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rsg2100nc\(32m\):-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rsg2288:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rsg2288nc:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rsg2300:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rsg2300nc:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rsg2300p:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rsg2300pnc:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rsg2488:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rsg2488nc:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rsg920p:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rsg920pnc:-:*:*:*:*:*:*:*
    Added CPE Configuration AND OR *cpe:2.3:o:siemens:ruggedcom_ros:*:*:*:*:*:*:*:* OR cpe:2.3:h:siemens:ruggedcom_m2100f:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_m2200f:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_m969f:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rs400f:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rs416f:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rs416nc_v2:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rs416pf:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rs416pnc_v2:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rs416pv2:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rs416v2:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rs900f:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rs900gf:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rs900gpf:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rs940gf:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rsg2100f:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rsg2100pf:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rsg2200f:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rsg2300f:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rsg2300pf:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rsg2488f:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rsg907r:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rsg908c:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rsg909r:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rsg910c:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rsl910:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rsl910nc:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rst2228:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rst2228p:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rst916c:-:*:*:*:*:*:*:* cpe:2.3:h:siemens:ruggedcom_rst916p:-:*:*:*:*:*:*:*
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.
CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2023-24845 is associated with the following CWEs:

Common Attack Pattern Enumeration and Classification (CAPEC)

Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2023-24845 weaknesses.

Exploit Prediction

EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days.

0.13 }} 0.00%

score

0.48390

percentile

CVSS31 - Vulnerability Scoring System
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability