PT-2025-24675 · Siemens · Scalance Xr326-8+20
Published: 2025-06-10 · Updated: 2025-06-10 · CVE-2025-40567
CVSS v2.0: 6.8 (Medium)
| Vector | AV:N/AC:L/Au:S/C:N/I:C/A:N |
Name of the Vulnerable Software and Affected Versions
RUGGEDCOM RST2428P versions prior to V3.2
SCALANCE XC316-8 versions prior to V3.2
SCALANCE XC324-4 versions prior to V3.2
SCALANCE XC324-4 EEC versions prior to V3.2
SCALANCE XC332 versions prior to V3.2
SCALANCE XC416-8 versions prior to V3.2
SCALANCE XC424-4 versions prior to V3.2
SCALANCE XC432 versions prior to V3.2
SCALANCE XCH328 versions prior to V3.2
SCALANCE XCM324 versions prior to V3.2
SCALANCE XCM328 versions prior to V3.2
SCALANCE XCM332 versions prior to V3.2
SCALANCE XR302-32 versions prior to V3.2
SCALANCE XR322-12 versions prior to V3.2
SCALANCE XR326-8 versions prior to V3.2
SCALANCE XR326-8 EEC versions prior to V3.2
SCALANCE XR502-32 versions prior to V3.2
SCALANCE XR522-12 versions prior to V3.2
SCALANCE XR526-8 versions prior to V3.2
SCALANCE XRH334 versions prior to V3.2
SCALANCE XRM334 versions prior to V3.2
Description
The "Load Rollback" functionality in the web interface of affected products contains an incorrect authorization check. This could allow an authenticated remote attacker with a "guest" role to make the affected product roll back configuration changes made by privileged users.
Recommendations
For every affected product listed above (RUGGEDCOM RST2428P and the SCALANCE XC, XCH, XCM, XR, XRH and XRM models, all versions prior to V3.2), update to version V3.2 or later to resolve the issue.
Weakness Enumeration
Incorrect Authorization
Affected Products
Ruggedcom Rst2428P
Scalance Xc316-8
Scalance Xc324-4
Scalance Xr324-4M Eec
Scalance Xc332
Scalance Xc416-8
Scalance Xc424-4
Scalance Xc432
Scalance Xch328
Scalance Xcm324
Scalance Xcm328
Scalance Xcm332
Scalance Xr302-32
Scalance Xr322-12
Scalance Xr326-8
Scalance Xr326-8 Eec
Scalance Xr502-32
Scalance Xr522-12
Scalance Xr526-8C
Scalance Xrh334
Scalance Xrm334