CVE-2026-42140: Siemens Ruggedcom Rox (before v2.17.1)

CVSSawaiting NVD

ExploitationNo exploitation reported

Triage statusUnder Review

ActionSchedule for next cycle

Affected product

Siemens Ruggedcom Rox (before v2.17.1)

Remediation Steps

Upgrade Ruggedcom Rox to version 2.17.1 or later to patch input validation and third-party vulnerabilities
Disable Scheduler functionality until validated after patching
Review Scheduler command history logs for evidence of arbitrary command injection attempts
Restrict Ruggedcom Rox administrative access to authenticated users only via strong MFA
Conduct operational validation of all critical network routing functions post-upgrade

References

https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-134-12.json
https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-134-16.json
https://nvd.nist.gov/vuln/detail/CVE-2026-42140

Coverage on defend.network

Vulnerability Priority Report – Week 3 of May 2026 (May 18 – 24)

🤖 This CVE page is generated by defend.network from NVD, CISA KEV, EPSS, and our verified daily briefings. Severity and exploitation data come from official sources; always verify remediation steps against the official vendor advisory before acting in production.

Affected product

Remediation Steps

References

Coverage on defend.network

Get Critical CVE Alerts