all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

SSA-916916 V1.0: Security Vulnerabilities Fixed in RUGGEDCOM CROSSBOW V5.5

Add to bookmarks
May 14, 2024, midnight |

Siemens ProductCERT Security Advisories cert-portal.siemens.com

The RUGGEDCOM CROSSBOW server application before V5.5 contains multiple vulnerabilities that could allow an attacker to execute arbitrary database queries via SQL injection attacks, or upload of arbitrary files to the application’s file system. The majority of the reported vulnerabilities might have a high impact in the availability of the affected systems.


Siemens has released a new version for RUGGEDCOM CROSSBOW and recommends to update to the latest version.

application arbitrary files attacker attacks availability database file files file system high impact injection injection attacks ruggedcom security server sql sql injection ssa system upload vulnerabilities

Visit resource

More from cert-portal.siemens.com / Siemens ProductCERT Security Advisories

SSA-238730 V1.0: Out-of-Bounds Write Vulnerabilities in SITOP UPS1600 before V2.5.4 1 week ago | cert-portal.siemens.com
attackers components exploit impact +12
SSA-771940 V1.0: X_T File Parsing Vulnerabilities in Teamcenter Visualization and JT2Go 1 week ago | cert-portal.siemens.com
application applications attacker exhaustion +8
SSA-879734 V1.0: Multiple Vulnerabilities in SCALANCE XM-400/XR-500 before V6.6.1 1 week ago | cert-portal.siemens.com
latest products siemens ssa +2
SSA-319319 V1.0: Denial of Service Vulnerability in TIA Administrator 1 week ago | cert-portal.siemens.com
administrator attacker denial of service directory +15
SSA-620338 V1.0: Buffer Overflow Vulnerability in SICAM AK3 / BC / TM 1 week ago | cert-portal.siemens.com
attacker buffer buffer overflow buffer overflow vulnerability +12
SSA-900277 V1.0: MODEL File Parsing Vulnerability in Tecnomatix Plant Simulation before V2302.0012 and V2024.0001 1 week ago | cert-portal.siemens.com
application arbitrary code arbitrary code execution code +11
SSA-196737 V1.0: Multiple Vulnerabilities in SINEC Traffic Analyzer before V1.2 1 week ago | cert-portal.siemens.com
latest siemens sinec ssa +4
SSA-024584 V1.0: Authentication Bypass Vulnerability in PowerSys before V3.11 1 week ago | cert-portal.siemens.com
administrative privileges attacker authentication authentication bypass +12
SSA-690517 V1.0: Multiple Vulnerabilities in SCALANCE W700 802.11 AX Family 1 week ago | cert-portal.siemens.com
countermeasures family fixes products +3

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

Information Technology Specialist I, LACERA: Information Security Engineer

@ Los Angeles County Employees Retirement Association (LACERA) | Pasadena, CA
View on infosec-jobs.com

Security Compliance Manager

@ Aptiv | USA Boston Software Office 100 Northern - Eng
View on infosec-jobs.com

Senior Radar Threat Analyst | Secret clearance

@ Northern Trust | USA CA Point Mugu - 575 I Ave, Bldg 3015 (CAC212)
View on infosec-jobs.com

Space Information Systems Security Engineer (ISSE)

@ Parsons Corporation | USA VA Chantilly (Client Site)
View on infosec-jobs.com

Information Systems Security Manager -Journeyman

@ Parsons Corporation | USA CO Colorado Springs (5450 Tech Center Drive)
View on infosec-jobs.com

Information Systems Security Officer (ISSO) II

@ Northern Trust | USA CA Riverside - Customer Proprietary (CAC225)
View on infosec-jobs.com