CVE-2026-41918

MEDIUM

Siemens Ruggedcom RST2428P < V4.0 - Use of Web Browser Cache Containing Sensitive Information

Title source: rule

Description

A vulnerability has been identified in RUGGEDCOM RST2428P (6GK6242-6PA00) (All versions < V4.0). The affected applications stores sensitive information in the browser cache when an authenticated user modify specific configurations. This could allow an authenticated attacker to access sensitive data stored in the browser.

References (1)

Core 1

Core References

https://cert-portal.siemens.com/productcert/html/ssa-253495.html

Scores

CVSS v3 5.7

EPSS 0.0019

EPSS Percentile 9.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-525

Status published

Products (1)

Siemens/RUGGEDCOM RST2428P < V4.0

Published Jun 02, 2026

Tracked Since Jun 02, 2026