Description
A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.17.1), RUGGEDCOM ROX MX5000RE (All versions < V2.17.1), RUGGEDCOM ROX RX1400 (All versions < V2.17.1), RUGGEDCOM ROX RX1500 (All versions < V2.17.1), RUGGEDCOM ROX RX1501 (All versions < V2.17.1), RUGGEDCOM ROX RX1510 (All versions < V2.17.1), RUGGEDCOM ROX RX1511 (All versions < V2.17.1), RUGGEDCOM ROX RX1512 (All versions < V2.17.1), RUGGEDCOM ROX RX1524 (All versions < V2.17.1), RUGGEDCOM ROX RX1536 (All versions < V2.17.1), RUGGEDCOM ROX RX5000 (All versions < V2.17.1). Affected devices do not properly validate input in the web server's JSON-RPC interface.

This could allow an authenticated remote attacker to read arbitrary files from the underlying operating system's filesystem with root privileges.
Published: 2026-05-12
Score: 6.1 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

This vulnerability stems from improper input validation in the web server’s JSON‑RPC interface on Siemens RUGGEDCOM devices. The flaw allows an authenticated remote attacker to read files from the underlying operating system with root privileges, effectively granting elevated access and confidentiality compromise. The weakness is classified as CWE‑88 – Incorrect Access Control.

Affected Systems

Affected products include Siemens RUGGEDCOM ROX MX5000, MX5000RE, RX1400, RX1500, RX1501, RX1510, RX1511, RX1512, RX1524, RX1536, and RX5000. All firmware versions older than V2.17.1 are vulnerable.

Risk and Exploitability

The CVSS score of 6.1 indicates moderate severity. EPSS data is not available, and the vulnerability has not been listed in the CISA KEV catalog. The attack requires authentication and remote access to the JSON‑RPC endpoint, making it exploitable against systems exposed to untrusted networks and with weak credential policies.

Generated by OpenCVE AI on May 12, 2026 at 10:25 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the device firmware to V2.17.1 or later to resolve the input validation flaw.
  • Restrict or disable access to the JSON‑RPC interface through firewall rules or network segmentation so only trusted management hosts can reach it.
  • Ensure strong authentication for all users and review existing credentials to prevent unauthorized account misuse.

Generated by OpenCVE AI on May 12, 2026 at 10:25 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 12 May 2026 13:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Tue, 12 May 2026 11:00:00 +0000

Type Values Removed Values Added
First Time appeared Siemens
Siemens ruggedcom Rox Mx5000
Siemens ruggedcom Rox Mx5000re
Siemens ruggedcom Rox Rx1400
Siemens ruggedcom Rox Rx1500
Siemens ruggedcom Rox Rx1501
Siemens ruggedcom Rox Rx1510
Siemens ruggedcom Rox Rx1511
Siemens ruggedcom Rox Rx1512
Siemens ruggedcom Rox Rx1524
Siemens ruggedcom Rox Rx1536
Siemens ruggedcom Rox Rx5000
Vendors & Products Siemens
Siemens ruggedcom Rox Mx5000
Siemens ruggedcom Rox Mx5000re
Siemens ruggedcom Rox Rx1400
Siemens ruggedcom Rox Rx1500
Siemens ruggedcom Rox Rx1501
Siemens ruggedcom Rox Rx1510
Siemens ruggedcom Rox Rx1511
Siemens ruggedcom Rox Rx1512
Siemens ruggedcom Rox Rx1524
Siemens ruggedcom Rox Rx1536
Siemens ruggedcom Rox Rx5000

Tue, 12 May 2026 10:45:00 +0000

Type Values Removed Values Added
Title Authenticated Remote Attacker Can Read Arbitrary Files via JSON‑RPC Input Validation in RUGGEDCOM Devices

Tue, 12 May 2026 09:30:00 +0000

Type Values Removed Values Added
Description A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.17.1), RUGGEDCOM ROX MX5000RE (All versions < V2.17.1), RUGGEDCOM ROX RX1400 (All versions < V2.17.1), RUGGEDCOM ROX RX1500 (All versions < V2.17.1), RUGGEDCOM ROX RX1501 (All versions < V2.17.1), RUGGEDCOM ROX RX1510 (All versions < V2.17.1), RUGGEDCOM ROX RX1511 (All versions < V2.17.1), RUGGEDCOM ROX RX1512 (All versions < V2.17.1), RUGGEDCOM ROX RX1524 (All versions < V2.17.1), RUGGEDCOM ROX RX1536 (All versions < V2.17.1), RUGGEDCOM ROX RX5000 (All versions < V2.17.1). Affected devices do not properly validate input in the web server's JSON-RPC interface. This could allow an authenticated remote attacker to read arbitrary files from the underlying operating system's filesystem with root privileges.
Weaknesses CWE-88
References
Metrics cvssV3_1

{'score': 6.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N'}

cvssV4_0

{'score': 6.1, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N'}

Subscriptions

Siemens Ruggedcom Rox Mx5000 Ruggedcom Rox Mx5000re Ruggedcom Rox Rx1400 Ruggedcom Rox Rx1500 Ruggedcom Rox Rx1501 Ruggedcom Rox Rx1510 Ruggedcom Rox Rx1511 Ruggedcom Rox Rx1512 Ruggedcom Rox Rx1524 Ruggedcom Rox Rx1536 Ruggedcom Rox Rx5000
cve-icon MITRE

Status: PUBLISHED

Assigner: siemens

Published:

Updated: 2026-05-12T12:43:43.061Z

Reserved: 2025-04-16T09:06:15.879Z

Link: CVE-2025-40948

cve-icon Vulnrichment

Updated: 2026-05-12T12:43:38.870Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-05-12T10:16:43.203

Modified: 2026-05-12T14:19:41.400

Link: CVE-2025-40948

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-12T10:45:13Z

Weaknesses