VIR Vulnerability Intelligence Relay

CVE-2015-1449

critical
Published 2015-02-02 · Modified 2026-05-06
CVSS v3
CVSS v2
10.0
VIR risk
10.0

Description

Buffer overflow in the integrated web server on Siemens Ruggedcom WIN51xx devices with firmware before SS4.4.4624.35, WIN52xx devices with firmware before SS4.4.4624.35, WIN70xx devices with firmware before BS4.4.4621.32, and WIN72xx devices with firmware before BS4.4.4621.32 allows remote attackers to execute arbitrary code via unspecified vectors.

Predictions

Exploit likelihood
20%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: cve@mitre.org — http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-753139.pdf

References

CWEs

CWE-119

Verify integrity in audit chain (admin only). AS-IS.