PatchSiren cyber security CVE debrief

CVE-2017-2682 Siemens CVE debrief

CVE-2017-2682 is a cross-site request forgery (CSRF) issue in Siemens RUGGEDCOM NMS web management interfaces. According to the NVD record and Siemens references, a remote attacker could cause administrative actions to execute if a targeted user had an active session and could be induced to submit a malicious request. The issue is rated HIGH with a CVSS 3.0 score of 8.8, reflecting network reachability, no privileges required, and high potential impact to confidentiality, integrity, and availability.

Vendor: Siemens
Product: CVE-2017-2682
CVSS: HIGH 8.8
CISA KEV: Not listed in stored evidence
Original CVE published: 2017-02-27
Original CVE updated: 2026-05-13
Advisory published: 2017-02-27
Advisory updated: 2026-05-13

Who should care

OT/ICS defenders, Siemens RUGGEDCOM NMS administrators, network operations teams, and asset owners who expose the management web application on TCP ports 8080 or 8081.

Technical summary

The published weakness is CWE-352 (CSRF). NVD lists the vector as CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H, indicating that exploitation is remote, does not require authentication, and depends on user interaction with an already authenticated session. The vulnerable product scope in the NVD CPE data covers Siemens RUGGEDCOM Network Management Software through version 2.0.2. The supplied description notes the web application on ports 8080/TCP and 8081/TCP as the affected interface.

Defensive priority

High. This is an internet- or intranet-reachable management-plane issue that can translate a single successful user interaction into administrative operations on an active session.

Recommended defensive actions

Review Siemens advisory SSA-363881 and apply the vendor-recommended remediation for affected RUGGEDCOM NMS versions.
Confirm whether any RUGGEDCOM NMS instances are running vulnerable versions at or below 2.0.2 and prioritize those systems for upgrade or isolation.
Restrict access to the management web application on TCP 8080 and 8081 to trusted administrative networks only.
Reduce exposure of authenticated sessions by limiting who can access the management interface and by enforcing strong administrative access controls around privileged browsing sessions.
Monitor for unexpected administrative web actions and review access logs for suspicious requests to the RUGGEDCOM NMS management interface.

Evidence notes

This debrief is based on the supplied official vulnerability record data from NVD and the listed references. The NVD entry identifies CVE-2017-2682 as a modified record published on 2017-02-27 and updated on 2026-05-13, with CWE-352 and CVSS 3.0 vector AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H. The NVD CPE data marks Siemens RUGGEDCOM Network Management Software as vulnerable through version 2.0.2. Official and vendor-linked references supplied with the record include the Siemens advisory SSA-363881 PDF and the CISA/ICS advisory ICSA-17-059-01, plus third-party listings from SecurityFocus and SecurityTracker. The modified date reflects the record update, not a new issue date.

Official resources

CVE-2017-2682 CVE record
CVE.org
CVE-2017-2682 NVD detail
NVD
Source item URL
nvd_modified
Mitigation or vendor reference
[email protected] - Third Party Advisory, VDB Entry
Source reference
[email protected]
Mitigation or vendor reference
[email protected] - Vendor Advisory
Mitigation or vendor reference
[email protected] - Third Party Advisory, US Government Resource

Publicly disclosed in the official record on 2017-02-27T11:59:00.150Z. The NVD record was later modified on 2026-05-13T00:24:29.033Z; that date is a record update, not the original vulnerability date.