What is the vulnerability ID for this issue?

The vulnerability ID for this issue is CVE-2022-29561.

What is the severity of CVE-2022-29561?

The severity of CVE-2022-29561 is high (8.8).

How can I fix CVE-2022-29561?

To fix CVE-2022-29561, update to version 2.16.0 or later of the affected RUGGEDCOM ROX products.

Where can I find more information about CVE-2022-29561?

You can find more information about CVE-2022-29561 at the following link: [link to cert-portal.siemens.com](https://cert-portal.siemens.com/productcert/pdf/ssa-146325.pdf).

Vulnerability/
CVE-2022-29561

high

8.8

CWE

352

11/7/2023

12/11/2024

CVE-2022-29561: CSRF

Q: Which products are affected by CVE-2022-29561?

The following products are affected by CVE-2022-29561: RUGGEDCOM ROX MX5000 (All versions < V2.16.0), RUGGEDCOM ROX MX5000RE (All versions < V2.16.0), RUGGEDCOM ROX RX1400 (All versions < V2.16.0), RUGGEDCOM ROX RX1500 (All versions < V2.16.0), RUGGEDCOM ROX RX1501 (All versions < V2.16.0), RUGGEDCOM ROX RX1510 (All versions < V2.16.0).

First published: Tue Jul 11 2023(Updated: )

A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.0), RUGGEDCOM ROX MX5000RE (All versions < V2.16.0), RUGGEDCOM ROX RX1400 (All versions < V2.16.0), RUGGEDCOM ROX RX1500 (All versions < V2.16.0), RUGGEDCOM ROX RX1501 (All versions < V2.16.0), RUGGEDCOM ROX RX1510 (All versions < V2.16.0), RUGGEDCOM ROX RX1511 (All versions < V2.16.0), RUGGEDCOM ROX RX1512 (All versions < V2.16.0), RUGGEDCOM ROX RX1524 (All versions < V2.16.0), RUGGEDCOM ROX RX1536 (All versions < V2.16.0), RUGGEDCOM ROX RX5000 (All versions < V2.16.0). The web interface of the affected devices are vulnerable to Cross-Site Request Forgery attacks. By tricking an authenticated victim user to click a malicious link, an attacker could perform arbitrary actions on the device on behalf of the victim user.

Credit: productcert@siemens.com productcert@siemens.com

Affected Software	Affected Version	How to fix
Siemens Ruggedcom Rox Mx5000 Firmware	<2.16.0
Siemens RUGGEDCOM ROX MX5000
Siemens Ruggedcom Rox Mx5000re Firmware	<2.16.0
Siemens Ruggedcom Rox Mx5000re
Siemens Ruggedcom Rox Rx1400 Firmware	<2.16.0
Siemens RUGGEDCOM ROX RX1400
Siemens Ruggedcom Rox Rx1500 Firmware	<2.16.0
Siemens RUGGEDCOM ROX RX1500
Siemens Ruggedcom Rox Rx1501 Firmware	<2.16.0
Siemens RUGGEDCOM ROX RX1501
Siemens Ruggedcom Rox Rx1510 Firmware	<2.16.0
Siemens RUGGEDCOM ROX RX1510
Siemens Ruggedcom Rox Rx1511 Firmware	<2.16.0
Siemens RUGGEDCOM ROX RX1511
Siemens Ruggedcom Rox Rx1512 Firmware	<2.16.0
Siemens RUGGEDCOM ROX RX1512
Siemens Ruggedcom Rox Rx1524 Firmware	<2.16.0
Siemens Ruggedcom Rox Rx1524
Siemens Ruggedcom Rox Rx1536 Firmware	<2.16.0
Siemens Ruggedcom Rox Rx1536
Siemens Ruggedcom Rox Rx5000 Firmware	<2.16.0
Siemens Ruggedcom Rox Rx5000

Never miss a vulnerability like this again

Reference Links

https://cert-portal.siemens.com/productcert/pdf/ssa-146325.pdf

Frequently Asked Questions

What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2022-29561.
What is the severity of CVE-2022-29561?
The severity of CVE-2022-29561 is high (8.8).
Which products are affected by CVE-2022-29561?
The following products are affected by CVE-2022-29561: RUGGEDCOM ROX MX5000 (All versions < V2.16.0), RUGGEDCOM ROX MX5000RE (All versions < V2.16.0), RUGGEDCOM ROX RX1400 (All versions < V2.16.0), RUGGEDCOM ROX RX1500 (All versions < V2.16.0), RUGGEDCOM ROX RX1501 (All versions < V2.16.0), RUGGEDCOM ROX RX1510 (All versions < V2.16.0).
How can I fix CVE-2022-29561?
To fix CVE-2022-29561, update to version 2.16.0 or later of the affected RUGGEDCOM ROX products.
Where can I find more information about CVE-2022-29561?
You can find more information about CVE-2022-29561 at the following link: [link to cert-portal.siemens.com](https://cert-portal.siemens.com/productcert/pdf/ssa-146325.pdf).

collector/nvd-latest
agent/author
agent/type
agent/event
agent/last-modified-date
agent/first-publish-date
collector/nvd-api
agent/software-canonical-lookup-request
collector/nvd-index
agent/weakness
agent/severity
agent/references
agent/softwarecombine
agent/tags
agent/description
collector/mitre-cve
source/MITRE
vendor/siemens
canonical/siemens ruggedcom rox mx5000 firmware
canonical/siemens ruggedcom rox mx5000
canonical/siemens ruggedcom rox mx5000re firmware
canonical/siemens ruggedcom rox mx5000re
canonical/siemens ruggedcom rox rx1400 firmware
canonical/siemens ruggedcom rox rx1400
canonical/siemens ruggedcom rox rx1500 firmware
canonical/siemens ruggedcom rox rx1500
canonical/siemens ruggedcom rox rx1501 firmware
canonical/siemens ruggedcom rox rx1501
canonical/siemens ruggedcom rox rx1510 firmware
canonical/siemens ruggedcom rox rx1510
canonical/siemens ruggedcom rox rx1511 firmware
canonical/siemens ruggedcom rox rx1511
canonical/siemens ruggedcom rox rx1512 firmware
canonical/siemens ruggedcom rox rx1512
canonical/siemens ruggedcom rox rx1524 firmware
canonical/siemens ruggedcom rox rx1524
canonical/siemens ruggedcom rox rx1536 firmware
canonical/siemens ruggedcom rox rx1536
canonical/siemens ruggedcom rox rx5000 firmware
canonical/siemens ruggedcom rox rx5000

CVE-2022-29561: CSRF

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the vulnerability ID for this issue?

What is the severity of CVE-2022-29561?

Which products are affected by CVE-2022-29561?

How can I fix CVE-2022-29561?

Where can I find more information about CVE-2022-29561?

Company

Resources

Contact