CVE-2021-37209 Vulnerability Analysis & Exploit Details

CVE-2021-37209
Vulnerability Scoring

6.7
/10
High Risk

If left unpatched, CVE-2021-37209 could lead to major system disruptions or data loss.

Attack Complexity Details

  • Attack Complexity: High
    Exploits require significant effort and special conditions.
  • Attack Vector: Adjacent_network
    Attack Vector Under Analysis
  • Privileges Required: None
    No privileges are required for exploitation.
  • Scope: Unchanged
    Exploit remains within the originally vulnerable component.
  • User Interaction: Required
    User interaction is necessary for successful exploitation.

CVE-2021-37209 Details

Status: Modified

Last updated: 🕕 21 Nov 2024, 06:14 UTC
Originally published on: 🕛 08 Mar 2022, 12:15 UTC

Time between publication and last update: 988 days

CVSS Release: version 3

CVSS3 Source

productcert@siemens.com

CVSS3 Type

Secondary

CVSS3 Vector

CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H

CVE-2021-37209 Vulnerability Summary

CVE-2021-37209: A vulnerability has been identified in RUGGEDCOM i800 (All versions < V4.3.8), RUGGEDCOM i801 (All versions < V4.3.8), RUGGEDCOM i802 (All versions < V4.3.8), RUGGEDCOM i803 (All versions < V4.3.8), RUGGEDCOM M2100 (All versions < V4.3.8), RUGGEDCOM M2200 (All versions < V4.3.8), RUGGEDCOM M969 (All versions < V4.3.8), RUGGEDCOM RMC30 (All versions < V4.3.8), RUGGEDCOM RMC8388 V4.X (All versions < V4.3.8), RUGGEDCOM RMC8388 V5.X (All versions < V5.7.0), RUGGEDCOM RP110 (All versions < V4.3.8), RUGGEDCOM RS1600 (All versions < V4.3.8), RUGGEDCOM RS1600F (All versions < V4.3.8), RUGGEDCOM RS1600T (All versions < V4.3.8), RUGGEDCOM RS400 (All versions < V4.3.8), RUGGEDCOM RS401 (All versions < V4.3.8), RUGGEDCOM RS416 (All versions < V4.3.8), RUGGEDCOM RS416P (All versions < V4.3.8), RUGGEDCOM RS416Pv2 V4.X (All versions < V4.3.8), RUGGEDCOM RS416Pv2 V5.X (All versions < V5.7.0), RUGGEDCOM RS416v2 V4.X (All versions < V4.3.8), RUGGEDCOM RS416v2 V5.X (All versions < V5.7.0), RUGGEDCOM RS8000 (All versions < V4.3.8), RUGGEDCOM RS8000A (All versions < V4.3.8), RUGGEDCOM RS8000H (All versions < V4.3.8), RUGGEDCOM RS8000T (All versions < V4.3.8), RUGGEDCOM RS900 (All versions < V4.3.8), RUGGEDCOM RS900 (32M) V4.X (All versions < V4.3.8), RUGGEDCOM RS900 (32M) V5.X (All versions < V5.7.0), RUGGEDCOM RS900G (All versions < V4.3.8), RUGGEDCOM RS900G (32M) V4.X (All versions < V4.3.8), RUGGEDCOM RS900G (32M) V5.X (All versions < V5.7.0), RUGGEDCOM RS900GP (All versions < V4.3.8), RUGGEDCOM RS900L (All versions < V4.3.8), RUGGEDCOM RS900M-GETS-C01 (All versions < V4.3.8), RUGGEDCOM RS900M-GETS-XX (All versions < V4.3.8), RUGGEDCOM RS900M-STND-C01 (All versions < V4.3.8), RUGGEDCOM RS900M-STND-XX (All versions < V4.3.8), RUGGEDCOM RS900W (All versions < V4.3.8), RUGGEDCOM RS910 (All versions < V4.3.8), RUGGEDCOM RS910L (All versions < V4.3.8), RUGGEDCOM RS910W (All versions < V4.3.8), RUGGEDCOM RS920L (All versions < V4.3.8), RUGGEDCOM RS920W (All versions < V4.3.8), RUGGEDCOM RS930L (All versions < V4.3.8), RUGGEDCOM RS930W (All versions < V4.3.8), RUGGEDCOM RS940G (All versions < V4.3.8), RUGGEDCOM RS969 (All versions < V4.3.8), RUGGEDCOM RSG2100 (All versions < V4.3.8), RUGGEDCOM RSG2100 (32M) V4.X (All versions < V4.3.8), RUGGEDCOM RSG2100 (32M) V5.X (All versions < V5.7.0), RUGGEDCOM RSG2100P (All versions < V4.3.8), RUGGEDCOM RSG2200 (All versions < V4.3.8), RUGGEDCOM RSG2288 V4.X (All versions < V4.3.8), RUGGEDCOM RSG2288 V5.X (All versions < V5.7.0), RUGGEDCOM RSG2300 V4.X (All versions < V4.3.8), RUGGEDCOM RSG2300 V5.X (All versions < V5.7.0), RUGGEDCOM RSG2300P V4.X (All versions < V4.3.8), RUGGEDCOM RSG2300P V5.X (All versions < V5.7.0), RUGGEDCOM RSG2488 V4.X (All versions < V4.3.8), RUGGEDCOM RSG2488 V5.X (All versions < V5.7.0), RUGGEDCOM RSG907R (All versions < V5.7.0), RUGGEDCOM RSG908C (All versions < V5.7.0), RUGGEDCOM RSG909R (All versions < V5.7.0), RUGGEDCOM RSG910C (All versions < V5.7.0), RUGGEDCOM RSG920P V4.X (All versions < V4.3.8), RUGGEDCOM RSG920P V5.X (All versions < V5.7.0), RUGGEDCOM RSL910 (All versions < V5.7.0), RUGGEDCOM RST2228 (All versions < V5.7.0), RUGGEDCOM RST2228P (All versions < V5.7.0), RUGGEDCOM RST916C (All versions < V5.7.0), RUGGEDCOM RST916P (All versions < V5.7.0). The SSH server on affected devices is configured to offer weak ciphers by default. This could allow an unauthorized attacker in a man-in-the-middle position to read and modify any data passed over the connection between legitimate clients and the affected device.

Assessing the Risk of CVE-2021-37209

Access Complexity Graph

The exploitability of CVE-2021-37209 depends on two key factors: attack complexity (the level of effort required to execute an exploit) and privileges required (the access level an attacker needs).

Exploitability Analysis for CVE-2021-37209

CVE-2021-37209 presents a challenge to exploit due to its high attack complexity, but the absence of privilege requirements still makes it a viable target for skilled attackers. A thorough security review is advised.

Understanding AC and PR

A lower complexity and fewer privilege requirements make exploitation easier. Security teams should evaluate these aspects to determine the urgency of mitigation strategies, such as patch management and access control policies.

Attack Complexity (AC) measures the difficulty in executing an exploit. A high AC means that specific conditions must be met, making an attack more challenging, while a low AC means the vulnerability can be exploited with minimal effort.

Privileges Required (PR) determine the level of system access necessary for an attack. Vulnerabilities requiring no privileges are more accessible to attackers, whereas high privilege requirements limit exploitation to authorized users with elevated access.

CVSS Score Breakdown Chart

Above is the CVSS Sub-score Breakdown for CVE-2021-37209, illustrating how Base, Impact, and Exploitability factors combine to form the overall severity rating. A higher sub-score typically indicates a more severe or easier-to-exploit vulnerability.

CIA Impact Analysis

Below is the Impact Analysis for CVE-2021-37209, showing how Confidentiality, Integrity, and Availability might be affected if the vulnerability is exploited. Higher values usually signal greater potential damage.

  • Confidentiality: Low
    CVE-2021-37209 could lead to minor leaks of non-critical information without major privacy breaches.
  • Integrity: High
    CVE-2021-37209 could allow unauthorized modifications to data, potentially affecting system reliability and trust.
  • Availability: High
    CVE-2021-37209 can disrupt system operations, potentially causing complete denial of service (DoS).

Exploit Prediction Scoring System (EPSS)

The EPSS score estimates the probability that this vulnerability will be exploited in the near future.

EPSS Score: 0.044% (probability of exploit)

EPSS Percentile: 15.33% (lower percentile = lower relative risk)
This vulnerability is less risky than approximately 84.67% of others.

CVE-2021-37209 References

External References

CWE Common Weakness Enumeration

CWE-311

CAPEC Common Attack Pattern Enumeration and Classification

  • Sniffing Attacks CAPEC-157 In this attack pattern, the adversary intercepts information transmitted between two third parties. The adversary must be able to observe, read, and/or hear the communication traffic, but not necessarily block the communication or change its content. Any transmission medium can theoretically be sniffed if the adversary can examine the contents between the sender and recipient. Sniffing Attacks are similar to Adversary-In-The-Middle attacks (CAPEC-94), but are entirely passive. AiTM attacks are predominantly active and often alter the content of the communications themselves.
  • Sniffing Network Traffic CAPEC-158 In this attack pattern, the adversary monitors network traffic between nodes of a public or multicast network in an attempt to capture sensitive information at the protocol level. Network sniffing applications can reveal TCP/IP, DNS, Ethernet, and other low-level network communication information. The adversary takes a passive role in this attack pattern and simply observes and analyzes the traffic. The adversary may precipitate or indirectly influence the content of the observed transaction, but is never the intended recipient of the target information.
  • Lifting Sensitive Data Embedded in Cache CAPEC-204 An adversary examines a target application's cache, or a browser cache, for sensitive information. Many applications that communicate with remote entities or which perform intensive calculations utilize caches to improve efficiency. However, if the application computes or receives sensitive information and the cache is not appropriately protected, an attacker can browse the cache and retrieve this information. This can result in the disclosure of sensitive information.
  • Accessing/Intercepting/Modifying HTTP Cookies CAPEC-31 This attack relies on the use of HTTP Cookies to store credentials, state information and other critical data on client systems. There are several different forms of this attack. The first form of this attack involves accessing HTTP Cookies to mine for potentially sensitive data contained therein. The second form involves intercepting this data as it is transmitted from client to server. This intercepted information is then used by the adversary to impersonate the remote user/session. The third form is when the cookie's content is modified by the adversary before it is sent back to the server. Here the adversary seeks to convince the target server to operate on this falsified information.
  • Retrieve Embedded Sensitive Data CAPEC-37 An attacker examines a target system to find sensitive data that has been embedded within it. This information can reveal confidential contents, such as account numbers or individual keys/credentials that can be used as an intermediate step in a larger attack.
  • Harvesting Information via API Event Monitoring CAPEC-383 An adversary hosts an event within an application framework and then monitors the data exchanged during the course of the event for the purpose of harvesting any important data leaked during the transactions. One example could be harvesting lists of usernames or userIDs for the purpose of sending spam messages to those users. One example of this type of attack involves the adversary creating an event within the sub-application. Assume the adversary hosts a "virtual sale" of rare items. As other users enter the event, the attacker records via AiTM (CAPEC-94) proxy the user_ids and usernames of everyone who attends. The adversary would then be able to spam those users within the application using an automated script.
  • Application API Message Manipulation via Man-in-the-Middle CAPEC-384 An attacker manipulates either egress or ingress data from a client within an application framework in order to change the content of messages. Performing this attack can allow the attacker to gain unauthorized privileges within the application, or conduct attacks such as phishing, deceptive strategies to spread malware, or traditional web-application attacks. The techniques require use of specialized software that allow the attacker to perform adversary-in-the-middle (CAPEC-94) communications between the web browser and the remote system. Despite the use of AiTH software, the attack is actually directed at the server, as the client is one node in a series of content brokers that pass information along to the application framework. Additionally, it is not true "Adversary-in-the-Middle" attack at the network layer, but an application-layer attack the root cause of which is the master applications trust in the integrity of code supplied by the client.
  • Transaction or Event Tampering via Application API Manipulation CAPEC-385 An attacker hosts or joins an event or transaction within an application framework in order to change the content of messages or items that are being exchanged. Performing this attack allows the attacker to manipulate content in such a way as to produce messages or content that look authentic but may contain deceptive links, substitute one item or another, spoof an existing item and conduct a false exchange, or otherwise change the amounts or identity of what is being exchanged. The techniques require use of specialized software that allow the attacker to man-in-the-middle communications between the web browser and the remote system in order to change the content of various application elements. Often, items exchanged in game can be monetized via sales for coin, virtual dollars, etc. The purpose of the attack is for the attack to scam the victim by trapping the data packets involved the exchange and altering the integrity of the transfer process.
  • Application API Navigation Remapping CAPEC-386 An attacker manipulates either egress or ingress data from a client within an application framework in order to change the destination and/or content of links/buttons displayed to a user within API messages. Performing this attack allows the attacker to manipulate content in such a way as to produce messages or content that looks authentic but contains links/buttons that point to an attacker controlled destination. Some applications make navigation remapping more difficult to detect because the actual HREF values of images, profile elements, and links/buttons are masked. One example would be to place an image in a user's photo gallery that when clicked upon redirected the user to an off-site location. Also, traditional web vulnerabilities (such as CSRF) can be constructed with remapped buttons or links. In some cases navigation remapping can be used for Phishing attacks or even means to artificially boost the page view, user site reputation, or click-fraud.
  • Navigation Remapping To Propagate Malicious Content CAPEC-387 An adversary manipulates either egress or ingress data from a client within an application framework in order to change the content of messages and thereby circumvent the expected application logic.
  • Application API Button Hijacking CAPEC-388 An attacker manipulates either egress or ingress data from a client within an application framework in order to change the destination and/or content of buttons displayed to a user within API messages. Performing this attack allows the attacker to manipulate content in such a way as to produce messages or content that looks authentic but contains buttons that point to an attacker controlled destination.
  • Signature Spoofing by Mixing Signed and Unsigned Content CAPEC-477 An attacker exploits the underlying complexity of a data structure that allows for both signed and unsigned content, to cause unsigned data to be processed as though it were signed data.
  • Cellular Traffic Intercept CAPEC-609 Cellular traffic for voice and data from mobile devices and retransmission devices can be intercepted via numerous methods. Malicious actors can deploy their own cellular tower equipment and intercept cellular traffic surreptitiously. Additionally, government agencies of adversaries and malicious actors can intercept cellular traffic via the telecommunications backbone over which mobile traffic is transmitted.
  • Sniff Application Code CAPEC-65 An adversary passively sniffs network communications and captures application code bound for an authorized client. Once obtained, they can use it as-is, or through reverse-engineering glean sensitive information or exploit the trust relationship between the client and server. Such code may belong to a dynamic update to the client, a patch being applied to a client component or any such interaction where the client is authorized to communicate with the server.

Vulnerable Configurations

  • cpe:2.3:o:siemens:ruggedcom_ros:*:*:*:*:*:*:*:*
    cpe:2.3:o:siemens:ruggedcom_ros:*:*:*:*:*:*:*:*
  • cpe:2.3:h:siemens:ruggedcom_i800:-:*:*:*:*:*:*:*
    cpe:2.3:h:siemens:ruggedcom_i800:-:*:*:*:*:*:*:*
  • cpe:2.3:h:siemens:ruggedcom_i801:-:*:*:*:*:*:*:*
    cpe:2.3:h:siemens:ruggedcom_i801:-:*:*:*:*:*:*:*
  • cpe:2.3:h:siemens:ruggedcom_i802:-:*:*:*:*:*:*:*
    cpe:2.3:h:siemens:ruggedcom_i802:-:*:*:*:*:*:*:*
  • cpe:2.3:h:siemens:ruggedcom_i803:-:*:*:*:*:*:*:*
    cpe:2.3:h:siemens:ruggedcom_i803:-:*:*:*:*:*:*:*
  • cpe:2.3:h:siemens:ruggedcom_m2100:-:*:*:*:*:*:*:*
    cpe:2.3:h:siemens:ruggedcom_m2100:-:*:*:*:*:*:*:*
  • cpe:2.3:h:siemens:ruggedcom_m2200:-:*:*:*:*:*:*:*
    cpe:2.3:h:siemens:ruggedcom_m2200:-:*:*:*:*:*:*:*
  • cpe:2.3:h:siemens:ruggedcom_m969:-:*:*:*:*:*:*:*
    cpe:2.3:h:siemens:ruggedcom_m969:-:*:*:*:*:*:*:*
  • cpe:2.3:h:siemens:ruggedcom_rmc:-:*:*:*:*:*:*:*
    cpe:2.3:h:siemens:ruggedcom_rmc:-:*:*:*:*:*:*:*
  • cpe:2.3:h:siemens:ruggedcom_rmc20:-:*:*:*:*:*:*:*
    cpe:2.3:h:siemens:ruggedcom_rmc20:-:*:*:*:*:*:*:*
  • cpe:2.3:h:siemens:ruggedcom_rmc30:-:*:*:*:*:*:*:*
    cpe:2.3:h:siemens:ruggedcom_rmc30:-:*:*:*:*:*:*:*
  • cpe:2.3:h:siemens:ruggedcom_rmc40:-:*:*:*:*:*:*:*
    cpe:2.3:h:siemens:ruggedcom_rmc40:-:*:*:*:*:*:*:*
  • cpe:2.3:h:siemens:ruggedcom_rmc41:-:*:*:*:*:*:*:*
    cpe:2.3:h:siemens:ruggedcom_rmc41:-:*:*:*:*:*:*:*
  • cpe:2.3:h:siemens:ruggedcom_rmc8388:-:*:*:*:*:*:*:*
    cpe:2.3:h:siemens:ruggedcom_rmc8388:-:*:*:*:*:*:*:*
  • cpe:2.3:h:siemens:ruggedcom_rp110:-:*:*:*:*:*:*:*
    cpe:2.3:h:siemens:ruggedcom_rp110:-:*:*:*:*:*:*:*
  • cpe:2.3:h:siemens:ruggedcom_rs400:-:*:*:*:*:*:*:*
    cpe:2.3:h:siemens:ruggedcom_rs400:-:*:*:*:*:*:*:*
  • cpe:2.3:h:siemens:ruggedcom_rs401:-:*:*:*:*:*:*:*
    cpe:2.3:h:siemens:ruggedcom_rs401:-:*:*:*:*:*:*:*
  • cpe:2.3:h:siemens:ruggedcom_rs416:-:*:*:*:*:*:*:*
    cpe:2.3:h:siemens:ruggedcom_rs416:-:*:*:*:*:*:*:*
  • cpe:2.3:h:siemens:ruggedcom_rs416v2:-:*:*:*:*:*:*:*
    cpe:2.3:h:siemens:ruggedcom_rs416v2:-:*:*:*:*:*:*:*
  • cpe:2.3:h:siemens:ruggedcom_rs8000:-:*:*:*:*:*:*:*
    cpe:2.3:h:siemens:ruggedcom_rs8000:-:*:*:*:*:*:*:*
  • cpe:2.3:h:siemens:ruggedcom_rs8000a:-:*:*:*:*:*:*:*
    cpe:2.3:h:siemens:ruggedcom_rs8000a:-:*:*:*:*:*:*:*
  • cpe:2.3:h:siemens:ruggedcom_rs8000h:-:*:*:*:*:*:*:*
    cpe:2.3:h:siemens:ruggedcom_rs8000h:-:*:*:*:*:*:*:*
  • cpe:2.3:h:siemens:ruggedcom_rs8000t:-:*:*:*:*:*:*:*
    cpe:2.3:h:siemens:ruggedcom_rs8000t:-:*:*:*:*:*:*:*
  • cpe:2.3:h:siemens:ruggedcom_rs900:-:*:*:*:*:*:*:*
    cpe:2.3:h:siemens:ruggedcom_rs900:-:*:*:*:*:*:*:*
  • cpe:2.3:h:siemens:ruggedcom_rs900g:-:*:*:*:*:*:*:*
    cpe:2.3:h:siemens:ruggedcom_rs900g:-:*:*:*:*:*:*:*
  • cpe:2.3:h:siemens:ruggedcom_rs900gp:-:*:*:*:*:*:*:*
    cpe:2.3:h:siemens:ruggedcom_rs900gp:-:*:*:*:*:*:*:*
  • cpe:2.3:h:siemens:ruggedcom_rs900l:-:*:*:*:*:*:*:*
    cpe:2.3:h:siemens:ruggedcom_rs900l:-:*:*:*:*:*:*:*
  • cpe:2.3:h:siemens:ruggedcom_rs900w:-:*:*:*:*:*:*:*
    cpe:2.3:h:siemens:ruggedcom_rs900w:-:*:*:*:*:*:*:*
  • cpe:2.3:h:siemens:ruggedcom_rs910:-:*:*:*:*:*:*:*
    cpe:2.3:h:siemens:ruggedcom_rs910:-:*:*:*:*:*:*:*
  • cpe:2.3:h:siemens:ruggedcom_rs910l:-:*:*:*:*:*:*:*
    cpe:2.3:h:siemens:ruggedcom_rs910l:-:*:*:*:*:*:*:*
  • cpe:2.3:h:siemens:ruggedcom_rs910w:-:*:*:*:*:*:*:*
    cpe:2.3:h:siemens:ruggedcom_rs910w:-:*:*:*:*:*:*:*
  • cpe:2.3:h:siemens:ruggedcom_rs920l:-:*:*:*:*:*:*:*
    cpe:2.3:h:siemens:ruggedcom_rs920l:-:*:*:*:*:*:*:*
  • cpe:2.3:h:siemens:ruggedcom_rs920w:-:*:*:*:*:*:*:*
    cpe:2.3:h:siemens:ruggedcom_rs920w:-:*:*:*:*:*:*:*
  • cpe:2.3:h:siemens:ruggedcom_rs930l:-:*:*:*:*:*:*:*
    cpe:2.3:h:siemens:ruggedcom_rs930l:-:*:*:*:*:*:*:*
  • cpe:2.3:h:siemens:ruggedcom_rs930w:-:*:*:*:*:*:*:*
    cpe:2.3:h:siemens:ruggedcom_rs930w:-:*:*:*:*:*:*:*
  • cpe:2.3:h:siemens:ruggedcom_rs940g:-:*:*:*:*:*:*:*
    cpe:2.3:h:siemens:ruggedcom_rs940g:-:*:*:*:*:*:*:*
  • cpe:2.3:h:siemens:ruggedcom_rs969:-:*:*:*:*:*:*:*
    cpe:2.3:h:siemens:ruggedcom_rs969:-:*:*:*:*:*:*:*
  • cpe:2.3:h:siemens:ruggedcom_rsg2100:-:*:*:*:*:*:*:*
    cpe:2.3:h:siemens:ruggedcom_rsg2100:-:*:*:*:*:*:*:*
  • cpe:2.3:h:siemens:ruggedcom_rsg2100p:-:*:*:*:*:*:*:*
    cpe:2.3:h:siemens:ruggedcom_rsg2100p:-:*:*:*:*:*:*:*
  • cpe:2.3:h:siemens:ruggedcom_rsg2200:-:*:*:*:*:*:*:*
    cpe:2.3:h:siemens:ruggedcom_rsg2200:-:*:*:*:*:*:*:*
  • cpe:2.3:h:siemens:ruggedcom_rsg2288:-:*:*:*:*:*:*:*
    cpe:2.3:h:siemens:ruggedcom_rsg2288:-:*:*:*:*:*:*:*
  • cpe:2.3:h:siemens:ruggedcom_rsg2300:-:*:*:*:*:*:*:*
    cpe:2.3:h:siemens:ruggedcom_rsg2300:-:*:*:*:*:*:*:*
  • cpe:2.3:h:siemens:ruggedcom_rsg2300p:-:*:*:*:*:*:*:*
    cpe:2.3:h:siemens:ruggedcom_rsg2300p:-:*:*:*:*:*:*:*
  • cpe:2.3:h:siemens:ruggedcom_rsg2488:-:*:*:*:*:*:*:*
    cpe:2.3:h:siemens:ruggedcom_rsg2488:-:*:*:*:*:*:*:*
  • cpe:2.3:h:siemens:ruggedcom_rsg907r:-:*:*:*:*:*:*:*
    cpe:2.3:h:siemens:ruggedcom_rsg907r:-:*:*:*:*:*:*:*
  • cpe:2.3:h:siemens:ruggedcom_rsg908c:-:*:*:*:*:*:*:*
    cpe:2.3:h:siemens:ruggedcom_rsg908c:-:*:*:*:*:*:*:*
  • cpe:2.3:h:siemens:ruggedcom_rsg909r:-:*:*:*:*:*:*:*
    cpe:2.3:h:siemens:ruggedcom_rsg909r:-:*:*:*:*:*:*:*
  • cpe:2.3:h:siemens:ruggedcom_rsg910c:-:*:*:*:*:*:*:*
    cpe:2.3:h:siemens:ruggedcom_rsg910c:-:*:*:*:*:*:*:*
  • cpe:2.3:h:siemens:ruggedcom_rsg920p:-:*:*:*:*:*:*:*
    cpe:2.3:h:siemens:ruggedcom_rsg920p:-:*:*:*:*:*:*:*
  • cpe:2.3:h:siemens:ruggedcom_rsl910:-:*:*:*:*:*:*:*
    cpe:2.3:h:siemens:ruggedcom_rsl910:-:*:*:*:*:*:*:*
  • cpe:2.3:h:siemens:ruggedcom_rst2228:-:*:*:*:*:*:*:*
    cpe:2.3:h:siemens:ruggedcom_rst2228:-:*:*:*:*:*:*:*
  • cpe:2.3:h:siemens:ruggedcom_rst2228p:-:*:*:*:*:*:*:*
    cpe:2.3:h:siemens:ruggedcom_rst2228p:-:*:*:*:*:*:*:*
  • cpe:2.3:h:siemens:ruggedcom_rst916c:-:*:*:*:*:*:*:*
    cpe:2.3:h:siemens:ruggedcom_rst916c:-:*:*:*:*:*:*:*
  • cpe:2.3:h:siemens:ruggedcom_rst916p:-:*:*:*:*:*:*:*
    cpe:2.3:h:siemens:ruggedcom_rst916p:-:*:*:*:*:*:*:*

Protect Your Infrastructure against CVE-2021-37209: Combat Critical CVE Threats

Stay updated with real-time CVE vulnerabilities and take action to secure your systems. Enhance your cybersecurity posture with the latest threat intelligence and mitigation techniques. Develop the skills necessary to defend against CVEs and secure critical infrastructures. Join the top cybersecurity professionals safeguarding today's infrastructures.

Other 5 Recently Published CVEs Vulnerabilities

  • CVE-2025-26205 – Lua 5.4.7, when the debug library is used, has a out-of-bounds read and segmentation violation in mainpositionTV in ltable.c. NOTE: this is dispute...
  • CVE-2025-26204 – Lua 5.4.7, when the debug library is used, has a out-of-bounds read and segmentation violation in equalkey in ltable.c. NOTE: this is disputed beca...
  • CVE-2025-2129 – A vulnerability was found in Mage AI 0.9.75. It has been classified as problematic. This affects an unknown part. The manipulation leads to insecur...
  • CVE-2025-2127 – A vulnerability was found in JoomlaUX JUX Real Estate 3.4.0 on Joomla. It has been classified as problematic. Affected is an unknown function of th...
  • CVE-2025-2126 – A vulnerability was found in JoomlaUX JUX Real Estate 3.4.0 on Joomla and classified as critical. This issue affects some unknown processing of the...