VIR Vulnerability Intelligence Relay

CVE-2015-1448

critical
Published 2015-02-02 · Modified 2026-05-06
CVSS v3
CVSS v2
10.0
VIR risk
10.0

Description

The integrated management service on Siemens Ruggedcom WIN51xx devices with firmware before SS4.4.4624.35, WIN52xx devices with firmware before SS4.4.4624.35, WIN70xx devices with firmware before BS4.4.4621.32, and WIN72xx devices with firmware before BS4.4.4621.32 allows remote attackers to bypass authentication and perform administrative actions via unspecified vectors.

Predictions

Exploit likelihood
20%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: cve@mitre.org — http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-753139.pdf

References

CWEs

CWE-264

Verify integrity in audit chain (admin only). AS-IS.