A vulnerability has been identified in RUGGEDCOM RST2428P (6GK6242-6PA00) (All versions). The affected device may be susceptible to resource exhaustion when subjected to high volumes of query requests.
This could allow an attacker to cause a temporary denial of service, with the system recovering once the activity stops.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Fri, 03 Oct 2025 19:45:00 +0000

Type Values Removed Values Added
First Time appeared Siemens ruggedcom Rst2428p Firmware
CPEs cpe:2.3:h:siemens:ruggedcom_rst2428p:*:*:*:*:*:*:*:*
cpe:2.3:o:siemens:ruggedcom_rst2428p_firmware:*:*:*:*:*:*:*:*
Vendors & Products Siemens ruggedcom Rst2428p Firmware

Tue, 09 Sep 2025 23:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 09 Sep 2025 21:45:00 +0000

Type Values Removed Values Added
First Time appeared Siemens
Siemens ruggedcom Rst2428p
Vendors & Products Siemens
Siemens ruggedcom Rst2428p

Tue, 09 Sep 2025 09:00:00 +0000

Type Values Removed Values Added
Description A vulnerability has been identified in RUGGEDCOM RST2428P (6GK6242-6PA00) (All versions). The affected device may be susceptible to resource exhaustion when subjected to high volumes of query requests. This could allow an attacker to cause a temporary denial of service, with the system recovering once the activity stops.
Weaknesses CWE-400
References
Metrics cvssV3_1

{'score': 3.1, 'vector': 'CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L'}

cvssV4_0

{'score': 2.3, 'vector': 'CVSS:4.0/AV:A/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: siemens

Published:

Updated: 2025-09-09T19:33:45.612Z

Reserved: 2025-04-16T08:50:26.973Z

Link: CVE-2025-40802

cve-icon Vulnrichment

Updated: 2025-09-09T19:33:41.425Z

cve-icon NVD

Status : Analyzed

Published: 2025-09-09T09:15:38.407

Modified: 2025-10-03T19:37:59.347

Link: CVE-2025-40802

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2025-09-09T21:31:37Z