CVE-2017-2688

Name of the Vulnerable Software and Affected Versions Siemens RUGGEDCOM ROX I (all versions)

Description The issue allows remote attackers to perform actions with the privileges of an authenticated user. This can happen if the targeted user has an active session and is induced into clicking on a malicious link or visiting a malicious website.

Recommendations For all versions, consider restricting access to the integrated web server at port 10000/TCP to minimize the risk of exploitation. As a temporary workaround, implement additional authentication steps to prevent unauthorized actions.