216.73.216.233

CVE-2025-23384

· Published 11/03/2025 10:15 · Modified 11/03/2025 10:15

Labels: CVE-2025-23384 2025-03-11CVE-2025-23384CWE-187[email protected]

Essential information

Published
11/03/2025 10:15
Modified
11/03/2025 10:15
Author
Creator
CVSS
3.7 LOW (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

CVSS metrics

Description

A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.2.1), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.2.1), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V8.2.1), SCALANCE M812-1 ADSL-Router family (All versions < V8.2.1), SCALANCE M816-1 ADSL-Router family (All versions < V8.2.1), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V8.2.1), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V8.2.1), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V8.2.1), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions < V8.2.1), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V8.2.1), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V8.2.1), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V8.2.1), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V8.2.1), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V8.2.1), SCALANCE MUB852-1 (A1) (6GK5852-1EA10-1AA1) (All versions < V8.2.1), SCALANCE MUB852-1 (B1) (6GK5852-1EA10-1BA1) (All versions < V8.2.1), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions < V8.2.1), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions < V8.2.1), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V8.2.1), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions < V8.2.1), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions < V8.2.1), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions < V8.2.1), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V8.2.1), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V8.2.1), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V8.2.1), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V8.2.1), SCALANCE SC-600 family (All versions). Affected devices improperly validate usernames during OpenVPN authentication. This could allow an attacker to get partial invalid usernames accepted by the server.

NVD status

Status
Awaiting Analysis — CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
siemens / ruggedcom rm1224 lte eu cpe:2.3:a:siemens:ruggedcom_rm1224_lte_eu:*:*:*:*:*:*:*:*
siemens / ruggedcom rm1224 lte nam cpe:2.3:a:siemens:ruggedcom_rm1224_lte_nam:*:*:*:*:*:*:*:*
siemens / scalance m804pb cpe:2.3:a:siemens:scalance_m804pb:*:*:*:*:*:*:*:*
siemens / scalance m812-1 adsl router cpe:2.3:a:siemens:scalance_m812-1_adsl_router:*:*:*:*:*:*:*:*
siemens / scalance m816-1 adsl router cpe:2.3:a:siemens:scalance_m816-1_adsl_router:*:*:*:*:*:*:*:*
siemens / scalance m826-2 shdsl router cpe:2.3:a:siemens:scalance_m826-2_shdsl_router:*:*:*:*:*:*:*:*
siemens / scalance m874-2 cpe:2.3:a:siemens:scalance_m874-2:*:*:*:*:*:*:*:*
siemens / scalance m874-3 cpe:2.3:a:siemens:scalance_m874-3:*:*:*:*:*:*:*:*
siemens / scalance m876-3 cpe:2.3:a:siemens:scalance_m876-3:*:*:*:*:*:*:*:*
siemens / scalance s615 eec lan router cpe:2.3:a:siemens:scalance_s615_eec_lan_router:*:*:*:*:*:*:*:*
siemens / scalance s615 lan router cpe:2.3:a:siemens:scalance_s615_lan_router:*:*:*:*:*:*:*:*
siemens / scalance sc-600 family cpe:2.3:a:siemens:scalance_sc-600_family:*:*:*:*:*:*:*:*

References