ICSA-26-134-12
·
Published 2026-05-14
·
View on CISA ICS-CERT ↗
Siemens Ruggedcom Rox
CVSS 9.1
CRITICAL
Risk Summary
Ruggedcom Rox contains an input validation vulnerability in the Scheduler functionality that could allow an authenticated remote attacker to execute arbitrary commands with root privileges on the underlying operating system. Siemens has released new versions for the affected products and recommends to update to the latest versions.
CVEs (1)
Remediations
- Update to V2.17.1 or later version
Affected Vendors
Siemens
Affected Products (11)
Siemens
·
RUGGEDCOM ROX MX5000
vers:intdot/<2.17.1
Siemens
·
RUGGEDCOM ROX MX5000RE
vers:intdot/<2.17.1
Siemens
·
RUGGEDCOM ROX RX1400
vers:intdot/<2.17.1
Siemens
·
RUGGEDCOM ROX RX1500
vers:intdot/<2.17.1
Siemens
·
RUGGEDCOM ROX RX1501
vers:intdot/<2.17.1
Siemens
·
RUGGEDCOM ROX RX1510
vers:intdot/<2.17.1
Siemens
·
RUGGEDCOM ROX RX1511
vers:intdot/<2.17.1
Siemens
·
RUGGEDCOM ROX RX1512
vers:intdot/<2.17.1
Siemens
·
RUGGEDCOM ROX RX1524
vers:intdot/<2.17.1
Siemens
·
RUGGEDCOM ROX RX1536
vers:intdot/<2.17.1
Siemens
·
RUGGEDCOM ROX RX5000
vers:intdot/<2.17.1
Affected Sectors
Critical Manufacturing
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more