Siemens RUGGEDCOM ROX MX5000 and related models before version 2.17.1 contain a vulnerability due to improper input validation in the JSON-RPC interface of their web server. This flaw allows an authenticated attacker to perform argument injection, enabling them to read arbitrary files on the device with root-level access. The vulnerability is tracked as CVE-2025-40948 and categorized under CWE-88. The CVSS 3.1 base score is 6.8, reflecting a medium severity with network attack vector, low attack complexity, required high privileges, no user interaction, and impact limited to confidentiality. No official patch or remediation guidance has been published by Siemens as of the information provided.

An authenticated remote attacker can read arbitrary files on the affected Siemens RUGGEDCOM ROX MX5000 devices with root privileges, potentially exposing sensitive system information. The vulnerability does not impact integrity or availability according to the CVSS vector. There are no known exploits in the wild currently. The medium severity score reflects a significant confidentiality impact but requires high privileges to exploit.

Patch status is not yet confirmed — check the Siemens vendor advisory for current remediation guidance. Until an official fix is available, restrict access to the device's management interfaces to trusted administrators only. Monitor for updates from Siemens regarding patches or mitigations. No vendor advisory or official fix information is currently provided.