CVE-2023-36752

🗓️ 11 Jul 2023 09:07:19Reported by siemensType

Vulnerability in RUGGEDCOM devices allows authenticated remote attacker to execute arbitrary code

Reporter	Title	Published	Views	Family All 11
CNNVD	Siemens RUGGEDCOM ROX 系列多款产品命令注入漏洞	11 Jul 202300:00	–	cnnvd
CNVD	Siemens RUGGEDCOM ROX Command Injection Vulnerability (CNVD-2023-60609)	12 Jul 202300:00	–	cnvd
CVE	CVE-2023-36752	11 Jul 202309:07	–	cve
EUVD	EUVD-2023-40695	3 Oct 202520:07	–	euvd
NCSC	Vulnerabilities fixed in Siemens products	11 Jul 202300:00	–	ncsc
NVD	CVE-2023-36752	11 Jul 202310:15	–	nvd
Prion	Command injection	11 Jul 202310:15	–	prion
Positive Technologies	PT-2023-4044 · Siemens · Ruggedcom Rox Rx1500 +8	27 Jun 202300:00	–	ptsecurity
RedhatCVE	CVE-2023-36752	23 May 202504:02	–	redhatcve
Tenable Nessus	Siemens RUGGEDCOM ROX Improper Neutralization of Special Elements Used in a Command (CVE-2023-36752)	14 Sep 202300:00	–	nessus

[
  {
    "vendor": "Siemens",
    "product": "RUGGEDCOM ROX MX5000",
    "versions": [
      {
        "version": "All versions < V2.16.0",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "RUGGEDCOM ROX MX5000RE",
    "versions": [
      {
        "version": "All versions < V2.16.0",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "RUGGEDCOM ROX RX1400",
    "versions": [
      {
        "version": "All versions < V2.16.0",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "RUGGEDCOM ROX RX1500",
    "versions": [
      {
        "version": "All versions < V2.16.0",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "RUGGEDCOM ROX RX1501",
    "versions": [
      {
        "version": "All versions < V2.16.0",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "RUGGEDCOM ROX RX1510",
    "versions": [
      {
        "version": "All versions < V2.16.0",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "RUGGEDCOM ROX RX1511",
    "versions": [
      {
        "version": "All versions < V2.16.0",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "RUGGEDCOM ROX RX1512",
    "versions": [
      {
        "version": "All versions < V2.16.0",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "RUGGEDCOM ROX RX1524",
    "versions": [
      {
        "version": "All versions < V2.16.0",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "RUGGEDCOM ROX RX1536",
    "versions": [
      {
        "version": "All versions < V2.16.0",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Siemens",
    "product": "RUGGEDCOM ROX RX5000",
    "versions": [
      {
        "version": "All versions < V2.16.0",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  }
]

Source	Link
cert-portal	www.cert-portal.siemens.com/productcert/pdf/ssa-146325.pdf

11 Jul 2023 09:07Current

9.3High risk

Vulners AI Score9.3

CVSS 3.19.1

EPSS0.01742

CWE-77