Multiple SQLite Vulnerabilities in RUGGEDCOM CROSSBOW Station Access Controller Before V5.6
Monitor · 5.5 · SSA-000297 · Nov 12, 2024
Attack Vector: Adjacent
Auth Required: Low
Complexity: Low
User Interaction: None needed
Summary
RUGGEDCOM CROSSBOW Station Access Controller (SAC) contains multiple vulnerabilities in its integrated SQLite database component, including buffer overflow (CWE-122) and use-after-free (CWE-416) conditions. These vulnerabilities could allow an authenticated attacker to execute arbitrary code or trigger a denial of service on the access controller. The SAC is a critical component in Siemens industrial access control and authentication systems.
What this means
What could happen
Multiple SQLite buffer overflow and memory corruption vulnerabilities in the RUGGEDCOM CROSSBOW SAC could allow a local attacker with user credentials to execute arbitrary code on the access controller, potentially enabling unauthorized network access or disrupting authentication services.
Who's at risk
Network and access management administrators responsible for RUGGEDCOM CROSSBOW Station Access Controllers in industrial automation and utility environments. This device controls authentication and access for SCADA/ICS networks, making compromise a critical security concern for grid operators, water utilities, and manufacturing facilities.
How it could be exploited
An attacker with valid user credentials on the RUGGEDCOM CROSSBOW SAC could trigger a buffer overflow or memory corruption condition in the embedded SQLite component through specially crafted input or database queries, leading to arbitrary code execution on the controller itself.
Prerequisites
- Valid user account credentials on the RUGGEDCOM CROSSBOW SAC
- Local or network access to the SAC's administrative interface
- Knowledge of SQLite query syntax or ability to interact with the database layer
- Requires valid user credentials
- Memory corruption vulnerabilities (CWE-122, CWE-416)
- Low EPSS score (0.1%) suggests limited real-world exploitation activity
- Affects access control infrastructure
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (1)
Product | Affected Versions | Fix Status
RUGGEDCOM CROSSBOW Station Access Controller (SAC) | < V5.6 | 5.6
Remediation & Mitigation
Schedule — requires maintenance window
Patching may require device reboot — plan for process interruption
HOTFIX: Update RUGGEDCOM CROSSBOW Station Access Controller to version 5.6 or later
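The affected-versions table and the hotfix above reduce to one rule: any SAC below V5.6 needs the update. The following added example (written for this page, not Siemens or vendor code) triages an asset inventory against that rule. The hostnames and version strings in SAMPLE_INVENTORY are constructed for illustration; the only value taken from the advisory is the fixed version 5.6. Versions are compared as integer tuples so that "5.10" is correctly treated as newer than "5.6", which a plain string comparison would get wrong.

```python
import re
from typing import List, Optional, Tuple

# Fixed version from the advisory: SAC < V5.6 is affected, 5.6 or later is fixed.
FIXED_VERSION = (5, 6)


def parse_version(raw: str) -> Optional[Tuple[int, ...]]:
    """Parse version strings as they appear in inventories ("V5.5", "5.5.1", "v 5.6").

    Returns a tuple of ints, or None if the string does not look like a version.
    """
    m = re.fullmatch(r"\s*[vV]?\s*(\d+(?:\.\d+)*)\s*", raw or "")
    if not m:
        return None
    return tuple(int(part) for part in m.group(1).split("."))


def is_affected(raw: str) -> Optional[bool]:
    """True if the SAC version is below 5.6, False if 5.6 or later, None if unparseable."""
    version = parse_version(raw)
    if version is None:
        return None
    # Tuple comparison handles differing lengths: (5, 5, 9) < (5, 6) and (5, 6, 1) >= (5, 6).
    return version < FIXED_VERSION


def triage(inventory: List[Tuple[str, str]]) -> dict:
    """Classify (hostname, version) pairs into hosts needing the hotfix, fixed hosts,
    and hosts whose version string could not be parsed and needs manual review."""
    needs_patch, ok, review = [], [], []
    for host, ver in inventory:
        status = is_affected(ver)
        if status is None:
            review.append(host)
        elif status:
            needs_patch.append(host)
        else:
            ok.append(host)
    return {"needs_patch": needs_patch, "ok": ok, "review": review}


# Constructed sample inventory (hypothetical hostnames and versions, not from the advisory).
SAMPLE_INVENTORY = [
    ("sac-substation-01", "V5.5"),
    ("sac-substation-02", "5.5.3"),
    ("sac-plant-01", "V5.6"),
    ("sac-plant-02", "5.10"),
    ("sac-lab-01", "unknown"),
]

if __name__ == "__main__":
    for bucket, hosts in triage(SAMPLE_INVENTORY).items():
        print(f"{bucket}: {', '.join(hosts) or '-'}")
```

Hosts landing in the review bucket should be checked by hand rather than assumed fixed, since an unparseable version string is more often a stale inventory record than a patched device.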
CVEs (2)