CVE-2025-23384
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2025-23384
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.2.1), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.2.1), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V8.2.1), SCALANCE M812-1 ADSL-Router family (All versions < V8.2.1), SCALANCE M816-1 ADSL-Router family (All versions < V8.2.1), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V8.2.1), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V8.2.1), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V8.2.1), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions < V8.2.1), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V8.2.1), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V8.2.1), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V8.2.1), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V8.2.1), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V8.2.1), SCALANCE MUB852-1 (A1) (6GK5852-1EA10-1AA1) (All versions < V8.2.1), SCALANCE MUB852-1 (B1) (6GK5852-1EA10-1BA1) (All versions < V8.2.1), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions < V8.2.1), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions < V8.2.1), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V8.2.1), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions < V8.2.1), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions < V8.2.1), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions < V8.2.1), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V8.2.1), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V8.2.1), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V8.2.1), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V8.2.1), SCALANCE SC-600 family (All versions). Affected devices improperly validate usernames during OpenVPN authentication. This could allow an attacker to get partial invalid usernames accepted by the server.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
Source: NVD (National Vulnerability Database)
Vulnerability Type
部分比较
Source: NVD (National Vulnerability Database)
Vulnerability Title
Siemens RUGGEDCOM和Siemens SCALANCE 缓冲区错误漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Siemens RUGGEDCOM和Siemens SCALANCE都是德国西门子(Siemens)公司的产品。Siemens RUGGEDCOM是一个通信设备。为电力,交通,石油和天然气及其他行业提供快速可靠的通信。Siemens SCALANCE是一系列以太网交换机。可连接到工业控制系统 (ICS) 设备,包括可编程逻辑控制器 (PLC) 和人机界面 (HMI) 系统。 Siemens RUGGEDCOM和Siemens SCALANCE存在缓冲区错误漏洞,该漏洞源于OpenVPN认证期间用户名验证不
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
II. Public POCs for CVE-2025-23384
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2025-23384
请登录查看更多情报信息。
Same Patch Batch · Siemens · 2025-03-11 · 24 CVEs total
| CVE-2024-56336 | 9.8 CRITICAL | Siemens SINAMICS S200 授权问题漏洞 |
| CVE-2025-27494 | 9.1 CRITICAL | Siemens SiPass Integrated 输入验证错误漏洞 |
| CVE-2025-27396 | 8.8 HIGH | Siemens SCALANCE LPE9403 安全漏洞 |
| CVE-2024-56181 | 8.2 HIGH | Siemens SIMATIC 缓冲区错误漏洞 |
| CVE-2025-27493 | 8.2 HIGH | Siemens SiPass Integrated 输入验证错误漏洞 |
| CVE-2024-56182 | 8.2 HIGH | Siemens SIMATIC 缓冲区错误漏洞 |
| CVE-2025-23398 | 7.8 HIGH | Siemens Teamcenter 缓冲区错误漏洞 |
| CVE-2025-23399 | 7.8 HIGH | Siemens Teamcenter Visualization和Siemens Tecnomatix Plant Simulation 缓冲区错误漏洞 |
| CVE-2025-23400 | 7.8 HIGH | Siemens Teamcenter Visualization和Siemens Tecnomatix Plant Simulation 缓冲区错误漏洞 |
| CVE-2025-23401 | 7.8 HIGH | Siemens Teamcenter 缓冲区错误漏洞 |
| CVE-2025-23402 | 7.8 HIGH | Siemens Teamcenter 资源管理错误漏洞 |
| CVE-2025-27438 | 7.8 HIGH | Siemens Teamcenter 缓冲区错误漏洞 |
| CVE-2025-23396 | 7.8 HIGH | Siemens Teamcenter Visualization和Siemens Tecnomatix Plant Simulation 缓冲区错误漏洞 |
| CVE-2025-23397 | 7.8 HIGH | Siemens Teamcenter Visualization和Siemens Tecnomatix Plant Simulation 缓冲区错误漏洞 |
| CVE-2025-27393 | 7.2 HIGH | Siemens SCALANCE LPE9403 操作系统命令注入漏洞 |
| CVE-2025-27395 | 7.2 HIGH | Siemens SCALANCE LPE9403 路径遍历漏洞 |
| CVE-2025-27394 | 7.2 HIGH | Siemens SCALANCE LPE9403 操作系统命令注入漏洞 |
| CVE-2025-27392 | 7.2 HIGH | Siemens SCALANCE LPE9403 操作系统命令注入漏洞 |
| CVE-2025-25266 | 6.8 MEDIUM | Siemens Tecnomatix Plant Simulation 安全漏洞 |
| CVE-2025-25267 | 6.2 MEDIUM | Siemens Tecnomatix Plant Simulation 安全漏洞 |
Showing top 20 of 24 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same weakness: CWE-187
- CVE-2026-34785
Rack: Local file inclusion in `Rack::Static` via URL Prefix - CVE-2026-30874
OpenWrt procd PATH Environment Variable Filter Bypass via In - CVE-2024-41110
Moby authz zero length regression - CVE-2024-39742
IBM MQ Container authentication bypass - CVE-2022-31802
Partial string comparison in CODESYS gateway server
V. Comments for CVE-2025-23384
No comments yet