EUVD-2025-14689

🗓️ 03 Oct 2025 20:07:09Reported by EUVDType

Vulnerability in RUGGEDCOM devices allows command injection via tcpdump tool leading to code execution.

Reporter	Title	Published	Views	Family All 10
BDU FSTEC	The vulnerability of the ping tool in the web interface of the microprogramming software for routing and switching platform RUGGEDCOM ROX series, MX (MX5000, MX5000RE) and RX (RX1400, RX1501, RX1510, RX1511, RX1512, RX1524, RX1536, and RX5000), allows a hacker to execute arbitrary code.	9 Jun 202500:00	–	bdu_fstec
Circl	CVE-2025-33024	13 May 202510:30	–	circl
CNNVD	Siemens多款产品安全漏洞	13 May 202500:00	–	cnnvd
CVE	CVE-2025-33024	13 May 202509:38	–	cve
Cvelist	CVE-2025-33024	13 May 202509:38	–	cvelist
NVD	CVE-2025-33024	13 May 202510:15	–	nvd
Positive Technologies	PT-2025-20861 · Siemens +1 · Ruggedcom Rox Mx5000 +9	13 May 202500:00	–	ptsecurity
RedhatCVE	CVE-2025-33024	15 May 202510:11	–	redhatcve
Tenable Nessus	Siemens RUGGEDCOM ROX II Client-Side Enforcement of Server-Side Security (CVE-2025-33024)	18 Nov 202500:00	–	nessus
Vulnrichment	CVE-2025-33024	13 May 202509:38	–	vulnrichment

[
  {
    "enisaIdVendor": [
      {
        "id": "c6a69b33-8d0a-3370-a55b-a6227c12ad0d",
        "vendor": {
          "name": "Siemens"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "06b9dae5-cb25-3d96-a23a-33903dc62382",
        "product": {
          "name": "RUGGEDCOM ROX RX1400"
        },
        "product_version": "0 <V2.16.5"
      },
      {
        "id": "132c3062-7795-309a-b0f6-67adce4bd76e",
        "product": {
          "name": "RUGGEDCOM ROX RX1536"
        },
        "product_version": "0 <V2.16.5"
      },
      {
        "id": "251fdfbd-56dc-3ce0-bc76-9632d87f3d4d",
        "product": {
          "name": "RUGGEDCOM ROX RX1510"
        },
        "product_version": "0 <V2.16.5"
      },
      {
        "id": "25397f8c-b097-3318-9a3c-c7c2a22b0c86",
        "product": {
          "name": "RUGGEDCOM ROX RX1512"
        },
        "product_version": "0 <V2.16.5"
      },
      {
        "id": "5bdce8f6-6f0c-34a8-97fd-9f8baa562ce9",
        "product": {
          "name": "RUGGEDCOM ROX MX5000RE"
        },
        "product_version": "0 <V2.16.5"
      },
      {
        "id": "7715d596-55b0-3fdd-ae54-dded1ce92c30",
        "product": {
          "name": "RUGGEDCOM ROX RX1524"
        },
        "product_version": "0 <V2.16.5"
      },
      {
        "id": "86970252-438f-3481-b814-c2849c47a3f0",
        "product": {
          "name": "RUGGEDCOM ROX RX1500"
        },
        "product_version": "0 <V2.16.5"
      },
      {
        "id": "91b337db-ec1a-3f86-9019-b67cb7de8c95",
        "product": {
          "name": "RUGGEDCOM ROX RX1501"
        },
        "product_version": "0 <V2.16.5"
      },
      {
        "id": "93a83d79-4d0d-3f60-809d-3207732d5817",
        "product": {
          "name": "RUGGEDCOM ROX RX5000"
        },
        "product_version": "0 <V2.16.5"
      },
      {
        "id": "bd4062fb-4bea-32f1-b8d7-8e61914c369d",
        "product": {
          "name": "RUGGEDCOM ROX MX5000"
        },
        "product_version": "0 <V2.16.5"
      },
      {
        "id": "bf87e467-a44c-3db8-9dfe-ed361f267047",
        "product": {
          "name": "RUGGEDCOM ROX RX1511"
        },
        "product_version": "0 <V2.16.5"
      }
    ]
  }
]

Source	Link
cert-portal	www.cert-portal.siemens.com/productcert/html/ssa-301229.html

03 Oct 2025 20:07Current

6.5Medium risk

Vulners AI Score6.5

CVSS 3.19.9

CVSS 49.4

EPSS0.01168

SSVC