PT-2025-24670 · Siemens · Scalance Xr326-8+20

Published: 2025-06-10 · Updated: 2025-06-10 · CVE-2024-41797

CVSS v3.1: 4.3 (Medium)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Name of the Vulnerable Software and Affected Versions

All of the following products, versions prior to V3.1:

RUGGEDCOM RST2428P
SCALANCE XC316-8
SCALANCE XC324-4
SCALANCE XC324-4 EEC
SCALANCE XC332
SCALANCE XC416-8
SCALANCE XC424-4
SCALANCE XC432
SCALANCE XCH328
SCALANCE XCM324
SCALANCE XCM328
SCALANCE XCM332
SCALANCE XR302-32
SCALANCE XR322-12
SCALANCE XR326-8
SCALANCE XR326-8 EEC
SCALANCE XR502-32
SCALANCE XR522-12
SCALANCE XR526-8
SCALANCE XRH334
SCALANCE XRM334
Description

The affected devices contain an incorrect authorization check vulnerability. This could allow an authenticated remote attacker with a "guest" role to invoke an internal "do system" command which exceeds their privileges. The command allows the execution of certain low-risk actions, the most critical of which is clearing the local system log.
Recommendations

For all versions prior to V3.1, update to version V3.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the internal "do system" command to prevent unauthorized execution. Restrict access to the affected devices to minimize the risk of exploitation. Avoid using the "guest" role for remote access until the issue is resolved. At the moment, there is no other information about additional mitigation measures.

Fix

Weakness Enumeration: Improper Privilege Management

Related Identifiers

BDU:2025-10419
CVE-2024-41797

Affected Products

Ruggedcom Rst2428P
Scalance Xc316-8
Scalance Xc324-4
Scalance Xr324-4M Eec
Scalance Xc332
Scalance Xc416-8
Scalance Xc424-4
Scalance Xc432
Scalance Xch328
Scalance Xcm324
Scalance Xcm328
Scalance Xcm332
Scalance Xr302-32
Scalance Xr322-12
Scalance Xr326-8
Scalance Xr326-8 Eec
Scalance Xr502-32
Scalance Xr522-12
Scalance Xr526-8C
Scalance Xrh334
Scalance Xrm334