Multiple Vulnerabilities in Ruggedcom Rox Before V2.17.0

Act Now9.8SSA-202008Dec 9, 2025

Attack VectorNetwork

Auth RequiredNone

ComplexityLow

User InteractionNone needed

Summary

Ruggedcom ROX industrial networking devices contain multiple critical vulnerabilities including unauthenticated remote code execution, buffer overflows, integer overflows, input validation flaws, weak cryptography, improper access controls, and memory corruption issues. Affected versions are prior to 2.17.0 across the MX5000 and RX series (RX1400, RX1500, RX1501, RX1510, RX1511, RX1512, RX1524, RX1536, RX5000).

What this means

What could happen

An unauthenticated attacker on your network can remotely execute arbitrary code on Ruggedcom ROX switches, potentially gaining full control of your industrial network infrastructure and disrupting communications between PLCs, RTUs, and control systems.

Who's at risk

Electric utilities, water authorities, oil & gas, and manufacturing facilities using Ruggedcom ROX industrial switches and routers for critical network infrastructure. This includes all MX5000 and RX-series devices used to carry data between substations, water treatment plants, manufacturing floors, and control centers.

How it could be exploited

An attacker with network access to the Ruggedcom ROX device (typically reachable on your plant network) can send a specially crafted network request to exploit one or more of the input validation, buffer overflow, or cryptographic flaws to execute arbitrary commands on the device. No credentials or special configuration are required.

Prerequisites

Network access to the Ruggedcom ROX device (typically on industrial network)

Remotely exploitableNo authentication requiredLow complexityActively exploited (KEV)Critical CVSS 9.8EPSS 92.5% (extremely likely to be exploited)Affects industrial network infrastructure

Exploitability

Actively exploited — confirmed by CISA KEV

Affected products (11)

11 with fix

ProductAffected VersionsFix Status

RUGGEDCOM ROX MX5000< 2.17.02.17.0

RUGGEDCOM ROX MX5000RE< 2.17.02.17.0

RUGGEDCOM ROX RX1400< 2.17.02.17.0

RUGGEDCOM ROX RX1500< 2.17.02.17.0

RUGGEDCOM ROX RX1501< 2.17.02.17.0

RUGGEDCOM ROX RX1510< 2.17.02.17.0

RUGGEDCOM ROX RX1511< 2.17.02.17.0

RUGGEDCOM ROX RX1512< 2.17.02.17.0

Remediation & Mitigation

0/1

Do now

0/1

HOTFIXUpdate all Ruggedcom ROX devices (MX5000, MX5000RE, RX1400, RX1500, RX1501, RX1510, RX1511, RX1512, RX1524, RX1536, RX5000) to firmware version 2.17.0 or later

CVEs (83)

CVE-2018-7169 CVE-2018-9234 CVE-2018-12934 CVE-2018-1000876 CVE-2019-9893 CVE-2019-12900 CVE-2019-14866 CVE-2020-12762 CVE-2020-21047 CVE-2020-22217 CVE-2020-35525 CVE-2021-35550 CVE-2021-35556 CVE-2021-35559 CVE-2021-35561 CVE-2021-35564 CVE-2021-35565 CVE-2021-35567 CVE-2021-35578 CVE-2021-35586 CVE-2021-35588 CVE-2021-35603 CVE-2021-36084 CVE-2021-36085 CVE-2021-36086 CVE-2021-36087 CVE-2021-38185 CVE-2021-47358 CVE-2021-47361 CVE-2022-0435 CVE-2022-0492 CVE-2022-0847 CVE-2022-0850 CVE-2022-1353 CVE-2022-1734 CVE-2022-2639 CVE-2022-2964 CVE-2022-3424 CVE-2022-20141 CVE-2022-23039 CVE-2022-23040 CVE-2022-24958 CVE-2022-27223 CVE-2022-28390 CVE-2022-30594 CVE-2022-34903 CVE-2022-36123 CVE-2022-37032 CVE-2022-37434 CVE-2022-41858 CVE-2022-48624 CVE-2022-48626 CVE-2022-48919 CVE-2022-48926 CVE-2022-48948 CVE-2022-48951 CVE-2022-48960 CVE-2022-48962 CVE-2022-48966 CVE-2022-48967 CVE-2022-49058 CVE-2023-4641 CVE-2023-27043 CVE-2023-28322 CVE-2023-29383 CVE-2023-29491 CVE-2023-41358 CVE-2023-46218 CVE-2023-46753 CVE-2023-47234 CVE-2024-0397 CVE-2024-5642 CVE-2024-6232 CVE-2024-6923 CVE-2024-7592 CVE-2024-11168 CVE-2024-12133 CVE-2024-12243 CVE-2024-28085 CVE-2024-32487 CVE-2024-50602 CVE-2024-52533 CVE-2025-0938

View full Siemens ProductCERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/3601d5af-f83a-431f-84d8-882f436a8d48