May 14, 2024, midnight

Siemens ProductCERT Security Advisories

The RUGGEDCOM CROSSBOW server application before V5.5 contains multiple vulnerabilities that could allow an attacker to execute arbitrary database queries via SQL injection attacks, or to upload arbitrary files to the application’s file system. The majority of the reported vulnerabilities might have a high impact on the availability of the affected systems.

Siemens has released a new version of RUGGEDCOM CROSSBOW and recommends updating to the latest version.
