CVE-2024-41978

🗓️ 13 Aug 2024 07:54:39Reported by siemensType

Vulnerability in RUGGEDCOM and SCALANCE devices allowing 2FA token forger

Reporter	Title	Published	Views	Family All 13
BDU FSTEC	The vulnerability of the microprogrammed software of industrial routers SCALANCE M-800, related to insufficient protection of registration data, allows a hacker to replace other users’ 2FA tokens and expose the protected information.	31 Oct 202400:00	–	bdu_fstec
Circl	CVE-2024-41978	13 Aug 202411:14	–	circl
CNVD	Siemens SCALANCE M-800 Series Information Disclosure Vulnerability	14 Aug 202400:00	–	cnvd
Cvelist	CVE-2024-41978	13 Aug 202407:54	–	cvelist
EUVD	EUVD-2024-39307	3 Oct 202520:07	–	euvd
ICS	Siemens SCALANCE M-800, RUGGEDCOM RM1224	13 Aug 202400:00	–	ics
NCSC	Vulnerabilities fixed in Siemens products	13 Aug 202409:21	–	ncsc
NVD	CVE-2024-41978	13 Aug 202408:15	–	nvd
OSV	CVE-2024-41978	13 Aug 202408:15	–	osv
Positive Technologies	PT-2024-7410 · Siemens · Scalance Mum856-1 +13	13 Aug 202400:00	–	ptsecurity

NVD

Node

siemens ruggedcom_rm1224_lte(4g)_eu_firmwareRange<8.1

AND

siemens ruggedcom_rm1224_lte(4g)_euMatch-

Node

siemens ruggedcom_rm1224_lte(4g)_nam_firmwareRange<8.1

AND

siemens ruggedcom_rm1224_lte(4g)_namMatch-

Node

siemens scalance_m804pb_firmwareRange<8.1

AND

siemens scalance_m804pbMatch-

Node

siemens scalance_m826-2_shdsl-router_firmwareRange<8.1

AND

siemens scalance_m826-2_shdsl-routerMatch-

Node

siemens scalance_m874-2_firmwareRange<8.1

AND

siemens scalance_m874-2Match-

Node

siemens scalance_m874-3_firmwareRange<8.1

AND

siemens scalance_m874-3Match-

Node

siemens scalance_m876-3_firmwareRange<8.1

AND

siemens scalance_m876-3Match-

Node

siemens scalance_m876-4_firmwareRange<8.1

AND

siemens scalance_m876-4Match-

Node

siemens scalance_m874-3_3g-router_(cn)_firmwareRange<8.1

AND

siemens scalance_m874-3_3g-router_(cn)Match-

Node

siemens scalance_m876-3_(rok)_firmwareRange<8.1

AND

siemens scalance_m876-3_(rok)Match-

Node

siemens scalance_m876-4_(eu)_firmwareRange<8.1

AND

siemens scalance_m876-4_(eu)Match-

Node

siemens scalance_m876-4_(nam)_firmwareRange<8.1

AND

siemens scalance_m876-4_(nam)Match-

Node

siemens scalance_mum853-1_(a1)_firmwareRange<8.1

AND

siemens scalance_mum853-1_(a1)Match-

Node

siemens scalance_mum853-1_(b1)_firmwareRange<8.1

AND

siemens scalance_mum853-1_(b1)Match-

Node

siemens scalance_mum853-1_(eu)_firmwareRange<8.1

AND

siemens scalance_mum853-1_(eu)Match-

Node

siemens scalance_mum856-1_(a1)_firmwareRange<8.1

AND

siemens scalance_mum856-1_(a1)Match-

Node

siemens scalance_mum856-1_(b1)_firmwareRange<8.1

AND

siemens scalance_mum856-1_(b1)Match-

Node

siemens scalance_mum856-1_(cn)_firmwareRange<8.1

AND

siemens scalance_mum856-1_(cn)Match-

Node

siemens scalance_mum856-1_(eu)_firmwareRange<8.1

AND

siemens scalance_mum856-1_(eu)Match-

Node

siemens scalance_mum856-1_(row)_firmwareRange<8.1

AND

siemens scalance_mum856-1_(row)Match-

Node

siemens scalance_s615_eec_lan-router_firmwareRange<8.1

AND

siemens scalance_s615_eec_lan-routerMatch-

Node

siemens scalance_s615_lan-router_firmwareRange<8.1

AND

siemens scalance_s615_lan-routerMatch-

Node

siemens scalance_m812-1_(annex_a)_firmwareRange<8.1

AND

siemens scalance_m812-1_(annex_a)Match-

Node

siemens scalance_m812-1_(annex_b)_firmwareRange<8.1

AND

siemens scalance_m812-1_(annex_b)Match-

Node

siemens scalance_m816-1_(annex_a)_firmwareRange<8.1

AND

siemens scalance_m816-1_(annex_a)Match-

Node

siemens scalance_m816-1_(annex_b)_firmwareRange<8.1

AND

siemens scalance_m816-1_(annex_b)Match-

[
  {
    "vendor": "Siemens",
    "product": "RUGGEDCOM RM1224 LTE(4G) EU",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V8.1",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "RUGGEDCOM RM1224 LTE(4G) NAM",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V8.1",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SCALANCE M804PB",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V8.1",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SCALANCE M812-1 ADSL-Router family",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V8.1",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SCALANCE M816-1 ADSL-Router family",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V8.1",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SCALANCE M826-2 SHDSL-Router",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V8.1",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SCALANCE M874-2",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V8.1",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SCALANCE M874-3",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V8.1",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SCALANCE M874-3 3G-Router (CN)",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V8.1",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SCALANCE M876-3",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V8.1",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SCALANCE M876-3 (ROK)",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V8.1",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SCALANCE M876-4",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V8.1",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SCALANCE M876-4 (EU)",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V8.1",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SCALANCE M876-4 (NAM)",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V8.1",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SCALANCE MUM853-1 (A1)",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V8.1",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SCALANCE MUM853-1 (B1)",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V8.1",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SCALANCE MUM853-1 (EU)",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V8.1",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SCALANCE MUM856-1 (A1)",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V8.1",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SCALANCE MUM856-1 (B1)",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V8.1",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SCALANCE MUM856-1 (CN)",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V8.1",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SCALANCE MUM856-1 (EU)",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V8.1",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SCALANCE MUM856-1 (RoW)",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V8.1",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SCALANCE S615 EEC LAN-Router",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V8.1",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "SCALANCE S615 LAN-Router",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V8.1",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  }
]

Source	Link
cert-portal	www.cert-portal.siemens.com/productcert/html/ssa-087301.html

17 Jun 2026 07:48Current

6.5Medium risk

Vulners AI Score6.5

CVSS 3.16.5

CVSS 47.1

EPSS0.00488

SSVC

CWE-532