ruggedcom rox

The ruggedcom rox tag covers security vulnerabilities and firmware updates for Siemens RUGGEDCOM ROX industrial networking devices. Recent content focuses on CVE-2025-40947, an authenticated remote command-injection flaw affecting multiple RUGGEDCOM models including MX5000, RX1400, and RX1500 series. The vulnerability exists in the feature key installation process and requires authentication to exploit, but poses risks in flat or poorly segmented OT networks. Siemens released firmware version 2.17.1 to patch this issue. Discussions emphasize the importance of updating to the latest ROX firmware and maintaining proper network segmentation for industrial environments.