CVE-2024-38278

Name of the Vulnerable Software and Affected Versions: RUGGEDCOM RMC8388 versions prior to V5.9.0 RUGGEDCOM RMC8388NC versions prior to V5.9.0 RUGGEDCOM RS416NCv2 versions prior to V5.9.0 RUGGEDCOM RS416PNCv2 versions prior to V5.9.0 RUGGEDCOM RS416Pv2 versions prior to V5.9.0 RUGGEDCOM RS416v2 versions prior to V5.9.0 RUGGEDCOM RS900 (32M) versions prior to V5.9.0 RUGGEDCOM RS900G (32M) versions prior to V5.9.0 RUGGEDCOM RS900GNC(32M) versions prior to V5.9.0 RUGGEDCOM RS900NC(32M) versions prior to V5.9.0 RUGGEDCOM RSG2100 (32M) versions prior to V5.9.0 RUGGEDCOM RSG2100NC(32M) versions prior to V5.9.0 RUGGEDCOM RSG2288 versions prior to V5.9.0 RUGGEDCOM RSG2288NC versions prior to V5.9.0 RUGGEDCOM RSG2300 versions prior to V5.9.0 RUGGEDCOM RSG2300NC versions prior to V5.9.0 RUGGEDCOM RSG2300P versions prior to V5.9.0 RUGGEDCOM RSG2300PNC versions prior to V5.9.0 RUGGEDCOM RSG2488 versions prior to V5.9.0 RUGGEDCOM RSG2488NC versions prior to V5.9.0 RUGGEDCOM RSG907R versions prior to V5.9.0 RUGGEDCOM RSG908C versions prior to V5.9.0 RUGGEDCOM RSG909R versions prior to V5.9.0 RUGGEDCOM RSG910C versions prior to V5.9.0 RUGGEDCOM RSG920P versions prior to V5.9.0 RUGGEDCOM RSG920PNC versions prior to V5.9.0 RUGGEDCOM RSL910 versions prior to V5.9.0 RUGGEDCOM RSL910NC versions prior to V5.9.0 RUGGEDCOM RST2228 versions prior to V5.9.0 RUGGEDCOM RST2228P versions prior to V5.9.0 RUGGEDCOM RST916C versions prior to V5.9.0 RUGGEDCOM RST916P versions prior to V5.9.0

Description: The affected products with IP forwarding enabled wrongly make available certain remote services in non-managed VLANs, even if these services are not intentionally activated. An attacker could leverage this issue to create a remote shell to the affected system. The vulnerability is related to insufficient access control in the IP forwarding function of the RUGGEDCOM Ethernet switch firmware. Exploitation of the vulnerability may allow a remote attacker to gain unauthorized access to protected information.

Recommendations: For all versions prior to V5.9.0, update to version V5.9.0 or later to resolve the issue. As a temporary workaround, consider disabling IP forwarding until a patch is available. Restrict access to remote services in non-managed VLANs to minimize the risk of exploitation. Avoid using the affected products with IP forwarding enabled in sensitive environments until the issue is resolved. At the moment, there is no other information about additional mitigation measures.