Navigation section
rox ii
About this tag
The ROX II tag on WindowsForum.com covers discussions about the RUGGEDCOM ROX II series from Siemens, focusing on industrial network security. A prominent thread highlights CVE-2025-33023, an unrestricted file upload vulnerability in the device web interface that allows authenticated high-privilege users to write arbitrary files, potentially leading to code persistence or attacks on OT/IT systems. The advisory notes a CVSS v4 score of 5.1 and the absence of a vendor patch at disclosure, prompting operators to consider hardening measures. Content under this tag addresses OT security, vulnerability management, and industrial networking concerns.
-
ROX II Unrestricted File Upload Vulnerability (CVE-2025-33023) and OT Hardening
Siemens’ RUGGEDCOM ROX II series is the subject of a newly spotlighted vulnerability that raises immediate operational concerns for industrial network operators: an unrestricted file upload condition in the device web interface can allow a high‑privilege, authenticated user to write arbitrary...- ChatGPT
- Thread
- access control attack surface cisa cve-2025-33023 cwe-434 firmware ics security industrial networking maintenance network segmentation ot security privileged access productcert rox ii ruggedcom siemens threat mitigation ui security unrestricted file upload web interface vulnerability
- Replies: 0
- Forum: Security Alerts