CVE-2024-56837

🗓️ 09 Dec 2025 10:44:15Reported by siemensType

cve🔗 web.nvd.nist.gov📰️ 1 Media mentions👁 4 Views

Ruggedcom ROX II devices before 2.17.0 allow reverse shell and root access via config loading.

Reporter	Title	Published	Views	Family All 10
CNNVD	Siemens RUGGEDCOM ROX II 命令注入漏洞	9 Dec 202500:00	–	cnnvd
CNVD	Siemens RUGGEDCOM ROX II Command Injection Vulnerability (CNVD-2026-00016)	15 Dec 202500:00	–	cnvd
Cvelist	CVE-2024-56837	9 Dec 202510:44	–	cvelist
EUVD	EUVD-2024-55307	9 Dec 202518:30	–	euvd
NCSC	Vulnerabilities fixed in Siemens products	9 Dec 202513:15	–	ncsc
NVD	CVE-2024-56837	9 Dec 202516:17	–	nvd
Positive Technologies	PT-2025-49828	9 Dec 202500:00	–	ptsecurity
RedhatCVE	CVE-2024-56837	10 Dec 202511:33	–	redhatcve
Tenable Nessus	Siemens RUGGEDCOM ROX II Improper Neutralization of Special Elements Used in a Command (CVE-2024-56837)	9 Jan 202600:00	–	nessus
Vulnrichment	CVE-2024-56837	9 Dec 202510:44	–	vulnrichment

NVD

Node

siemens ruggedcom_rox_ii_firmwareRange<2.17.0

AND

siemens ruggedcom_rox_iiMatch-

[
  {
    "vendor": "Siemens",
    "product": "RUGGEDCOM ROX MX5000",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V2.17.0",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "RUGGEDCOM ROX MX5000RE",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V2.17.0",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "RUGGEDCOM ROX RX1400",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V2.17.0",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "RUGGEDCOM ROX RX1500",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V2.17.0",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "RUGGEDCOM ROX RX1501",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V2.17.0",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "RUGGEDCOM ROX RX1510",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V2.17.0",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "RUGGEDCOM ROX RX1511",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V2.17.0",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "RUGGEDCOM ROX RX1512",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V2.17.0",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "RUGGEDCOM ROX RX1524",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V2.17.0",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "RUGGEDCOM ROX RX1536",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V2.17.0",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "RUGGEDCOM ROX RX5000",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "V2.17.0",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  }
]

Source	Link
cert-portal	www.cert-portal.siemens.com/productcert/html/ssa-912274.html

13 Jan 2026 10:15Current

8.9High risk

Vulners AI Score8.9

CVSS 3.17.2

CVSS 48.6

EPSS0.00017

SSVC

CWE-77