1. Home
  2. CVE Database
  3. CVE-2024-37990
MEDIUM · 6.5

CVE-2024-37990

A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions < V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions < V4.2), SIMATIC Reader RF6...

Vulnerability Description

A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions < V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions < V4.2), SIMATIC Reader RF610R FCC (6GT2811-6BC10-1AA0) (All versions < V4.2), SIMATIC Reader RF615R CMIIT (6GT2811-6CC10-2AA0) (All versions < V4.2), SIMATIC Reader RF615R ETSI (6GT2811-6CC10-0AA0) (All versions < V4.2), SIMATIC Reader RF615R FCC (6GT2811-6CC10-1AA0) (All versions < V4.2), SIMATIC Reader RF650R ARIB (6GT2811-6AB20-4AA0) (All versions < V4.2), SIMATIC Reader RF650R CMIIT (6GT2811-6AB20-2AA0) (All versions < V4.2), SIMATIC Reader RF650R ETSI (6GT2811-6AB20-0AA0) (All versions < V4.2), SIMATIC Reader RF650R FCC (6GT2811-6AB20-1AA0) (All versions < V4.2), SIMATIC Reader RF680R ARIB (6GT2811-6AA10-4AA0) (All versions < V4.2), SIMATIC Reader RF680R CMIIT (6GT2811-6AA10-2AA0) (All versions < V4.2), SIMATIC Reader RF680R ETSI (6GT2811-6AA10-0AA0) (All versions < V4.2), SIMATIC Reader RF680R FCC (6GT2811-6AA10-1AA0) (All versions < V4.2), SIMATIC Reader RF685R ARIB (6GT2811-6CA10-4AA0) (All versions < V4.2), SIMATIC Reader RF685R CMIIT (6GT2811-6CA10-2AA0) (All versions < V4.2), SIMATIC Reader RF685R ETSI (6GT2811-6CA10-0AA0) (All versions < V4.2), SIMATIC Reader RF685R FCC (6GT2811-6CA10-1AA0) (All versions < V4.2), SIMATIC RF1140R (6GT2831-6CB00) (All versions < V1.1), SIMATIC RF1170R (6GT2831-6BB00) (All versions < V1.1), SIMATIC RF166C (6GT2002-0EE20) (All versions < V2.2), SIMATIC RF185C (6GT2002-0JE10) (All versions < V2.2), SIMATIC RF186C (6GT2002-0JE20) (All versions < V2.2), SIMATIC RF186CI (6GT2002-0JE50) (All versions < V2.2), SIMATIC RF188C (6GT2002-0JE40) (All versions < V2.2), SIMATIC RF188CI (6GT2002-0JE60) (All versions < V2.2), SIMATIC RF360R (6GT2801-5BA30) (All versions < V2.2). The affected applications contain configuration files which can be modified. An attacker with privilege access can modify these files and enable features that are not released for this device.

CVSS Score

6.5

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
NONE
Integrity
HIGH
Availability
HIGH

Affected Products

VendorProductVersions
SiemensSimatic Rf360R Firmware< 2.2
SiemensSimatic Rf360R-
SiemensSimatic Rf1170R Firmware< 1.1
SiemensSimatic Rf1170R-
SiemensSimatic Rf1140R Firmware< 1.1
SiemensSimatic Rf1140R-
SiemensSimatic Reader Rf685R Fcc Firmware< 4.2
SiemensSimatic Reader Rf685R Fcc-
SiemensSimatic Reader Rf685R Etsi Firmware< 4.2
SiemensSimatic Reader Rf685R Etsi-
SiemensSimatic Reader Rf685R Cmiit Firmware< 4.2
SiemensSimatic Reader Rf685R Cmiit-
SiemensSimatic Reader Rf685R Arib Firmware< 4.2
SiemensSimatic Reader Rf685R Arib-
SiemensSimatic Reader Rf680R Fcc Firmware< 4.2
SiemensSimatic Reader Rf680R Fcc-
SiemensSimatic Reader Rf680R Etsi Firmware< 4.2
SiemensSimatic Reader Rf680R Etsi-
SiemensSimatic Reader Rf680R Cmiit Firmware< 4.2
SiemensSimatic Reader Rf680R Cmiit-

Related Weaknesses (CWE)

CWE-912

References

FAQ

What is CVE-2024-37990?

CVE-2024-37990 is a vulnerability with a CVSS score of 6.5 (MEDIUM). A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions < V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions < V4.2), SIMATIC Reader RF6...

How severe is CVE-2024-37990?

CVE-2024-37990 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2024-37990?

Check the references section above for vendor advisories and patch information. Affected products include: Siemens Simatic Rf360R Firmware, Siemens Simatic Rf360R, Siemens Simatic Rf1170R Firmware, Siemens Simatic Rf1170R, Siemens Simatic Rf1140R Firmware.