CVE-2026-41918_CVE-2026-41918

5.7 / 10

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N

Description

A vulnerability has been identified in RUGGEDCOM RST2428P (6GK6242-6PA00) (All versions < V4.0). The affected applications stores sensitive information in the browser cache when an authenticated user modify specific configurations. This could allow an authenticated attacker to access sensitive data stored in the browser.

Basic Information

ID CVE-2026-41918

Source siemens

Published Jun 2, 2026 at 12:06

Affected Product

Vendor Siemens

Product RUGGEDCOM RST2428P

Affected Versions Siemens RUGGEDCOM RST2428P 0

CWE Classification

CWE-525

References

cert-portal.siemens.com /productcert/html/ssa-253495.html

{
    "lastseen": "",
    "description": "A vulnerability has been identified in RUGGEDCOM RST2428P (6GK6242-6PA00) (All versions < V4.0). The affected applications stores sensitive information in the browser cache when an authenticated user modify specific configurations. This could allow an authenticated attacker to access sensitive data stored in the browser.",
    "published": "2026-06-02T12:06:50.291Z",
    "modified": "2026-06-02T12:06:50.291Z",
    "type": "cve",
    "title": "CVE-2026-41918",
    "source": "siemens",
    "references": "https://cert-portal.siemens.com/productcert/html/ssa-253495.html",
    "id": "CVE-2026-41918",
    "bulletinFamily": "",
    "cwe": [
        "CWE-525"
    ],
    "cvelist": null,
    "sourceData": "Siemens RUGGEDCOM RST2428P 0",
    "sourceHref": "",
    "cvss": {
        "score": 5.7,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "RUGGEDCOM RST2428P",
    "version": "0",
    "vendor": "Siemens",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}