CVE-2025-41222

Description

A vulnerability has been identified in RUGGEDCOM i800 (All versions), RUGGEDCOM i801 (All versions), RUGGEDCOM i802 (All versions), RUGGEDCOM i803 (All versions), RUGGEDCOM M2100 (All versions), RUGGEDCOM M2200 (All versions), RUGGEDCOM M969 (All versions), RUGGEDCOM RMC30 (All versions), RUGGEDCOM RMC8388 V4.X (All versions), RUGGEDCOM RMC8388 V5.X (All versions < V5.10.0), RUGGEDCOM RP110 (All versions), RUGGEDCOM RS1600 (All versions), RUGGEDCOM RS1600F (All versions), RUGGEDCOM RS1600T (All versions), RUGGEDCOM RS400 (All versions), RUGGEDCOM RS401 (All versions), RUGGEDCOM RS416 (All versions), RUGGEDCOM RS416P (All versions), RUGGEDCOM RS416Pv2 V4.X (All versions), RUGGEDCOM RS416Pv2 V5.X (All versions < V5.10.0), RUGGEDCOM RS416v2 V4.X (All versions), RUGGEDCOM RS416v2 V5.X (All versions < V5.10.0), RUGGEDCOM RS8000 (All versions), RUGGEDCOM RS8000A (All versions), RUGGEDCOM RS8000H (All versions), RUGGEDCOM RS8000T (All versions), RUGGEDCOM RS900 (All versions), RUGGEDCOM RS900 (32M) V4.X (All versions), RUGGEDCOM RS900 (32M) V5.X (All versions < V5.10.0), RUGGEDCOM RS900G (All versions), RUGGEDCOM RS900G (32M) V4.X (All versions), RUGGEDCOM RS900G (32M) V5.X (All versions < V5.10.0), RUGGEDCOM RS900GP (All versions), RUGGEDCOM RS900L (All versions), RUGGEDCOM RS900M-GETS-C01 (All versions), RUGGEDCOM RS900M-GETS-XX (All versions), RUGGEDCOM RS900M-STND-C01 (All versions), RUGGEDCOM RS900M-STND-XX (All versions), RUGGEDCOM RS900W (All versions), RUGGEDCOM RS910 (All versions), RUGGEDCOM RS910L (All versions), RUGGEDCOM RS910W (All versions), RUGGEDCOM RS920L (All versions), RUGGEDCOM RS920W (All versions), RUGGEDCOM RS930L (All versions), RUGGEDCOM RS930W (All versions), RUGGEDCOM RS940G (All versions), RUGGEDCOM RS969 (All versions), RUGGEDCOM RSG2100 (All versions), RUGGEDCOM RSG2100 (32M) V4.X (All versions), RUGGEDCOM RSG2100 (32M) V5.X (All versions < V5.10.0), RUGGEDCOM RSG2100P (All versions), RUGGEDCOM RSG2100P (32M) V4.X (All versions), RUGGEDCOM RSG2100P (32M) V5.X (All versions < V5.10.0), RUGGEDCOM RSG2200 (All versions), RUGGEDCOM RSG2288 V4.X (All versions), RUGGEDCOM RSG2288 V5.X (All versions < V5.10.0), RUGGEDCOM RSG2300 V4.X (All versions), RUGGEDCOM RSG2300 V5.X (All versions < V5.10.0), RUGGEDCOM RSG2300P V4.X (All versions), RUGGEDCOM RSG2300P V5.X (All versions < V5.10.0), RUGGEDCOM RSG2488 V4.X (All versions), RUGGEDCOM RSG2488 V5.X (All versions < V5.10.0), RUGGEDCOM RSG907R (All versions < V5.10.0), RUGGEDCOM RSG908C (All versions < V5.10.0), RUGGEDCOM RSG909R (All versions < V5.10.0), RUGGEDCOM RSG910C (All versions < V5.10.0), RUGGEDCOM RSG920P V4.X (All versions), RUGGEDCOM RSG920P V5.X (All versions < V5.10.0), RUGGEDCOM RSL910 (All versions < V5.10.0), RUGGEDCOM RST2228 (All versions < V5.10.0), RUGGEDCOM RST2228P (All versions < V5.10.0), RUGGEDCOM RST916C (All versions < V5.10.0), RUGGEDCOM RST916P (All versions < V5.10.0). Affected devices do not properly handle malformed TLS handshake messages. This could allow an attacker with network access to the webserver to cause a denial of service resulting in the web server and the device to crash.

Category

6.9
CVSS
Severity: Medium
CVSS 4.0 •
CVSS 3.1 •
EPSS 0.04%
Affected: Siemens RUGGEDCOM i800
Affected: Siemens RUGGEDCOM i801
Affected: Siemens RUGGEDCOM i802
Affected: Siemens RUGGEDCOM i803
Affected: Siemens RUGGEDCOM M2100
Affected: Siemens RUGGEDCOM M2200
Affected: Siemens RUGGEDCOM M969
Affected: Siemens RUGGEDCOM RMC30
Affected: Siemens RUGGEDCOM RMC8388 V4.X
Affected: Siemens RUGGEDCOM RMC8388 V5.X
Affected: Siemens RUGGEDCOM RP110
Affected: Siemens RUGGEDCOM RS1600
Affected: Siemens RUGGEDCOM RS1600F
Affected: Siemens RUGGEDCOM RS1600T
Affected: Siemens RUGGEDCOM RS400
Affected: Siemens RUGGEDCOM RS401
Affected: Siemens RUGGEDCOM RS416
Affected: Siemens RUGGEDCOM RS416P
Affected: Siemens RUGGEDCOM RS416Pv2 V4.X
Affected: Siemens RUGGEDCOM RS416Pv2 V5.X
Affected: Siemens RUGGEDCOM RS416v2 V4.X
Affected: Siemens RUGGEDCOM RS416v2 V5.X
Affected: Siemens RUGGEDCOM RS8000
Affected: Siemens RUGGEDCOM RS8000A
Affected: Siemens RUGGEDCOM RS8000H
Affected: Siemens RUGGEDCOM RS8000T
Affected: Siemens RUGGEDCOM RS900
Affected: Siemens RUGGEDCOM RS900 (32M) V4.X
Affected: Siemens RUGGEDCOM RS900 (32M) V5.X
Affected: Siemens RUGGEDCOM RS900G
Affected: Siemens RUGGEDCOM RS900G (32M) V4.X
Affected: Siemens RUGGEDCOM RS900G (32M) V5.X
Affected: Siemens RUGGEDCOM RS900GP
Affected: Siemens RUGGEDCOM RS900L
Affected: Siemens RUGGEDCOM RS900M-GETS-C01
Affected: Siemens RUGGEDCOM RS900M-GETS-XX
Affected: Siemens RUGGEDCOM RS900M-STND-C01
Affected: Siemens RUGGEDCOM RS900M-STND-XX
Affected: Siemens RUGGEDCOM RS900W
Affected: Siemens RUGGEDCOM RS910
Affected: Siemens RUGGEDCOM RS910L
Affected: Siemens RUGGEDCOM RS910W
Affected: Siemens RUGGEDCOM RS920L
Affected: Siemens RUGGEDCOM RS920W
Affected: Siemens RUGGEDCOM RS930L
Affected: Siemens RUGGEDCOM RS930W
Affected: Siemens RUGGEDCOM RS940G
Affected: Siemens RUGGEDCOM RS969
Affected: Siemens RUGGEDCOM RSG2100
Affected: Siemens RUGGEDCOM RSG2100 (32M) V4.X
Affected: Siemens RUGGEDCOM RSG2100 (32M) V5.X
Affected: Siemens RUGGEDCOM RSG2100P
Affected: Siemens RUGGEDCOM RSG2100P (32M) V4.X
Affected: Siemens RUGGEDCOM RSG2100P (32M) V5.X
Affected: Siemens RUGGEDCOM RSG2200
Affected: Siemens RUGGEDCOM RSG2288 V4.X
Affected: Siemens RUGGEDCOM RSG2288 V5.X
Affected: Siemens RUGGEDCOM RSG2300 V4.X
Affected: Siemens RUGGEDCOM RSG2300 V5.X
Affected: Siemens RUGGEDCOM RSG2300P V4.X
Affected: Siemens RUGGEDCOM RSG2300P V5.X
Affected: Siemens RUGGEDCOM RSG2488 V4.X
Affected: Siemens RUGGEDCOM RSG2488 V5.X
Affected: Siemens RUGGEDCOM RSG907R
Affected: Siemens RUGGEDCOM RSG908C
Affected: Siemens RUGGEDCOM RSG909R
Affected: Siemens RUGGEDCOM RSG910C
Affected: Siemens RUGGEDCOM RSG920P V4.X
Affected: Siemens RUGGEDCOM RSG920P V5.X
Affected: Siemens RUGGEDCOM RSL910
Affected: Siemens RUGGEDCOM RST2228
Affected: Siemens RUGGEDCOM RST2228P
Affected: Siemens RUGGEDCOM RST916C
Affected: Siemens RUGGEDCOM RST916P
Published at:
Updated at:

References

Link Tags
https://cert-portal.siemens.com/productcert/html/ssa-083019.html

Frequently Asked Questions

What is the severity of CVE-2025-41222?
CVE-2025-41222 has been scored as a medium severity vulnerability.
How to fix CVE-2025-41222?
To fix CVE-2025-41222, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2025-41222 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2025-41222 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2025-41222?
CVE-2025-41222 affects Siemens RUGGEDCOM i800, Siemens RUGGEDCOM i801, Siemens RUGGEDCOM i802, Siemens RUGGEDCOM i803, Siemens RUGGEDCOM M2100, Siemens RUGGEDCOM M2200, Siemens RUGGEDCOM M969, Siemens RUGGEDCOM RMC30, Siemens RUGGEDCOM RMC8388 V4.X, Siemens RUGGEDCOM RMC8388 V5.X, Siemens RUGGEDCOM RP110, Siemens RUGGEDCOM RS1600, Siemens RUGGEDCOM RS1600F, Siemens RUGGEDCOM RS1600T, Siemens RUGGEDCOM RS400, Siemens RUGGEDCOM RS401, Siemens RUGGEDCOM RS416, Siemens RUGGEDCOM RS416P, Siemens RUGGEDCOM RS416Pv2 V4.X, Siemens RUGGEDCOM RS416Pv2 V5.X, Siemens RUGGEDCOM RS416v2 V4.X, Siemens RUGGEDCOM RS416v2 V5.X, Siemens RUGGEDCOM RS8000, Siemens RUGGEDCOM RS8000A, Siemens RUGGEDCOM RS8000H, Siemens RUGGEDCOM RS8000T, Siemens RUGGEDCOM RS900, Siemens RUGGEDCOM RS900 (32M) V4.X, Siemens RUGGEDCOM RS900 (32M) V5.X, Siemens RUGGEDCOM RS900G, Siemens RUGGEDCOM RS900G (32M) V4.X, Siemens RUGGEDCOM RS900G (32M) V5.X, Siemens RUGGEDCOM RS900GP, Siemens RUGGEDCOM RS900L, Siemens RUGGEDCOM RS900M-GETS-C01, Siemens RUGGEDCOM RS900M-GETS-XX, Siemens RUGGEDCOM RS900M-STND-C01, Siemens RUGGEDCOM RS900M-STND-XX, Siemens RUGGEDCOM RS900W, Siemens RUGGEDCOM RS910, Siemens RUGGEDCOM RS910L, Siemens RUGGEDCOM RS910W, Siemens RUGGEDCOM RS920L, Siemens RUGGEDCOM RS920W, Siemens RUGGEDCOM RS930L, Siemens RUGGEDCOM RS930W, Siemens RUGGEDCOM RS940G, Siemens RUGGEDCOM RS969, Siemens RUGGEDCOM RSG2100, Siemens RUGGEDCOM RSG2100 (32M) V4.X, Siemens RUGGEDCOM RSG2100 (32M) V5.X, Siemens RUGGEDCOM RSG2100P, Siemens RUGGEDCOM RSG2100P (32M) V4.X, Siemens RUGGEDCOM RSG2100P (32M) V5.X, Siemens RUGGEDCOM RSG2200, Siemens RUGGEDCOM RSG2288 V4.X, Siemens RUGGEDCOM RSG2288 V5.X, Siemens RUGGEDCOM RSG2300 V4.X, Siemens RUGGEDCOM RSG2300 V5.X, Siemens RUGGEDCOM RSG2300P V4.X, Siemens RUGGEDCOM RSG2300P V5.X, Siemens RUGGEDCOM RSG2488 V4.X, Siemens RUGGEDCOM RSG2488 V5.X, Siemens RUGGEDCOM RSG907R, Siemens RUGGEDCOM RSG908C, Siemens RUGGEDCOM RSG909R, Siemens RUGGEDCOM RSG910C, Siemens RUGGEDCOM RSG920P V4.X, Siemens RUGGEDCOM RSG920P V5.X, Siemens RUGGEDCOM RSL910, Siemens RUGGEDCOM RST2228, Siemens RUGGEDCOM RST2228P, Siemens RUGGEDCOM RST916C, Siemens RUGGEDCOM RST916P.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.