PT-2024-8729 · Siemens · Scalance M812-1+14
Published: 2024-11-12 · Updated: 2024-11-13
CVE-2024-50560
CVSS v3.1: 4.3 (Medium)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Name of the Vulnerable Software and Affected Versions
RUGGEDCOM RM1224 LTE(4G) EU versions < V8.2
RUGGEDCOM RM1224 LTE(4G) NAM versions < V8.2
SCALANCE M804PB versions < V8.2
SCALANCE M812-1 ADSL-Router versions < V8.2
SCALANCE M816-1 ADSL-Router versions < V8.2
SCALANCE M826-2 SHDSL-Router versions < V8.2
SCALANCE M874-2 versions < V8.2
SCALANCE M874-3 versions < V8.2
SCALANCE M874-3 3G-Router (CN) versions < V8.2
SCALANCE M876-3 versions < V8.2
SCALANCE M876-4 versions < V8.2
SCALANCE MUM853-1 versions < V8.2
SCALANCE MUM856-1 versions < V8.2
SCALANCE S615 EEC LAN-Router versions < V8.2
SCALANCE S615 LAN-Router versions < V8.2
SCALANCE WAB762-1 versions < V3.0.0
SCALANCE WAM763-1 versions < V3.0.0
SCALANCE WAM766-1 versions < V3.0.0
SCALANCE WUB762-1 versions < V3.0.0
SCALANCE WUM763-1 versions < V3.0.0
SCALANCE WUM766-1 versions < V3.0.0
Description
A vulnerability has been identified in the listed devices: usernames longer than 15 characters are truncated when the device is accessed via SSH or Telnet, because usernames containing more than 15 characters are not fully read on these interfaces. This could allow an attacker to compromise system integrity.
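An added example, not part of the original advisory and not Siemens code: a Python audit that takes an exported list of configured usernames and reports which ones exceed 15 characters and which distinct accounts become indistinguishable once only 15 characters are read. It assumes the first 15 characters are the ones kept; the function name and the account names are constructed for illustration.

```python
from collections import defaultdict

# Number of username characters read over SSH/Telnet on affected versions,
# as stated in the advisory.
MAX_READ = 15


def audit_usernames(usernames, limit=MAX_READ):
    """Audit configured usernames against the truncation described above.

    Returns (truncated, collisions):
      truncated  - {configured name: name as read} for names longer than limit
      collisions - {name as read: sorted configured names that map to it}
    """
    groups = defaultdict(set)
    truncated = {}
    for name in usernames:
        # Assumption: truncation keeps the leading `limit` characters.
        as_read = name[:limit]
        groups[as_read].add(name)
        if len(name) > limit:
            truncated[name] = as_read
    collisions = {k: sorted(v) for k, v in groups.items() if len(v) > 1}
    return truncated, collisions


# Constructed sample account list (not taken from a real device).
SAMPLE = [
    "admin",
    "maintenance_user",         # 16 characters
    "maintenance_use",          # 15 characters
    "remote-service-operator",  # 23 characters
    "remote-service-auditor",   # 22 characters
    "plant_engineer",           # 14 characters
]

if __name__ == "__main__":
    truncated, collisions = audit_usernames(SAMPLE)
    for full, short in sorted(truncated.items()):
        print(f"TRUNCATED  {full!r} is read as {short!r}")
    for short, names in sorted(collisions.items()):
        print(f"AMBIGUOUS  {short!r} matches {names}")
```

Accounts reported as ambiguous are the ones to rename to 15 characters or fewer on devices that cannot be updated yet.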
Recommendations
For RUGGEDCOM RM1224 LTE(4G) EU versions < V8.2, update to version V8.2 or later.
For RUGGEDCOM RM1224 LTE(4G) NAM versions < V8.2, update to version V8.2 or later.
For SCALANCE M804PB versions < V8.2, update to version V8.2 or later.
For SCALANCE M812-1 ADSL-Router versions < V8.2, update to version V8.2 or later.
For SCALANCE M816-1 ADSL-Router versions < V8.2, update to version V8.2 or later.
For SCALANCE M826-2 SHDSL-Router versions < V8.2, update to version V8.2 or later.
For SCALANCE M874-2 versions < V8.2, update to version V8.2 or later.
For SCALANCE M874-3 versions < V8.2, update to version V8.2 or later.
For SCALANCE M874-3 3G-Router (CN) versions < V8.2, update to version V8.2 or later.
For SCALANCE M876-3 versions < V8.2, update to version V8.2 or later.
For SCALANCE M876-4 versions < V8.2, update to version V8.2 or later.
For SCALANCE MUM853-1 versions < V8.2, update to version V8.2 or later.
For SCALANCE MUM856-1 versions < V8.2, update to version V8.2 or later.
For SCALANCE S615 EEC LAN-Router versions < V8.2, update to version V8.2 or later.
For SCALANCE S615 LAN-Router versions < V8.2, update to version V8.2 or later.
For SCALANCE WAB762-1 versions < V3.0.0, update to version V3.0.0 or later.
For SCALANCE WAM763-1 versions < V3.0.0, update to version V3.0.0 or later.
For SCALANCE WAM766-1 versions < V3.0.0, update to version V3.0.0 or later.
For SCALANCE WUB762-1 versions < V3.0.0, update to version V3.0.0 or later.
For SCALANCE WUM763-1 versions < V3.0.0, update to version V3.0.0 or later.
For SCALANCE WUM766-1 versions < V3.0.0, update to version V3.0.0 or later.
As a temporary workaround, consider restricting access to SSH and Telnet until a patch is available.
Fix
RCE
Affected Products
RUGGEDCOM RM1224
SCALANCE M804PB
SCALANCE M812-1
SCALANCE M816-1
SCALANCE M826-2
SCALANCE M874-2
SCALANCE M874-3
SCALANCE M876-3
SCALANCE M876-4
SCALANCE MUM853-1
SCALANCE MUM856-1
SCALANCE S615
SCALANCE WAB762-1
SCALANCE WAM763-1
SCALANCE WAM766-1