CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
AI Score
Confidence
High
EPSS
Percentile
45.0%
A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.0), RUGGEDCOM ROX MX5000RE (All versions < V2.16.0), RUGGEDCOM ROX RX1400 (All versions < V2.16.0), RUGGEDCOM ROX RX1500 (All versions < V2.16.0), RUGGEDCOM ROX RX1501 (All versions < V2.16.0), RUGGEDCOM ROX RX1510 (All versions < V2.16.0), RUGGEDCOM ROX RX1511 (All versions < V2.16.0), RUGGEDCOM ROX RX1512 (All versions < V2.16.0), RUGGEDCOM ROX RX1524 (All versions < V2.16.0), RUGGEDCOM ROX RX1536 (All versions < V2.16.0), RUGGEDCOM ROX RX5000 (All versions < V2.16.0). The affected devices are configured to offer weak ciphers by default. This could allow an unauthorized attacker in a man-in-the- middle position to read and modify any data passed over to and from the affected device.
This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
include('compat.inc');
if (description)
{
script_id(501632);
script_version("1.6");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/09/04");
script_cve_id("CVE-2023-36748");
script_xref(name:"ICSA", value:"23-194-01");
script_name(english:"Siemens RUGGEDCOM ROX Inadequate Encryption Strength (CVE-2023-36748)");
script_set_attribute(attribute:"synopsis", value:
"The remote OT asset is affected by a vulnerability.");
script_set_attribute(attribute:"description", value:
"A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All
versions < V2.16.0), RUGGEDCOM ROX MX5000RE (All versions < V2.16.0),
RUGGEDCOM ROX RX1400 (All versions < V2.16.0), RUGGEDCOM ROX RX1500
(All versions < V2.16.0), RUGGEDCOM ROX RX1501 (All versions <
V2.16.0), RUGGEDCOM ROX RX1510 (All versions < V2.16.0), RUGGEDCOM ROX
RX1511 (All versions < V2.16.0), RUGGEDCOM ROX RX1512 (All versions <
V2.16.0), RUGGEDCOM ROX RX1524 (All versions < V2.16.0), RUGGEDCOM ROX
RX1536 (All versions < V2.16.0), RUGGEDCOM ROX RX5000 (All versions <
V2.16.0). The affected devices are configured to offer weak ciphers by
default. This could allow an unauthorized attacker in a man-in-the-
middle position to read and modify any data passed over to and from
the affected device.
This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.");
script_set_attribute(attribute:"see_also", value:"https://cert-portal.siemens.com/productcert/pdf/ssa-146325.pdf");
script_set_attribute(attribute:"see_also", value:"https://www.cisa.gov/news-events/ics-advisories/icsa-23-194-01");
script_set_attribute(attribute:"solution", value:
"The following text was originally created by the Cybersecurity and Infrastructure Security Agency (CISA). The original
can be found at CISA.gov.
âSiemens recommends users update the product to the following versions:
- âUpdate to V2.16.0 or later version
âAs a general security measure, Siemens strongly recommends protecting network access to devices with appropriate
mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the
environment according to Siemens' operational guidelines for Industrial Security, and to follow the recommendations in
the product manuals. Additional information on Industrial Security by Siemens can be found at:
https://www.siemens.com/industrialsecurity
âFor further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens
ProductCERT: https://www.siemens.com/cert/advisories
âAs a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To
operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens'
operational guidelines for industrial security and following recommendations in the product manuals.
âAdditional information on industrial security by Siemens can be found on the Siemens industrial security webpage.
âFor more information see the associated Siemens security advisory SSA-146325 in HTML and CSAF.
â");
script_set_cvss_base_vector("CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:N");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2023-36748");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_cwe_id(326);
script_set_attribute(attribute:"vuln_publication_date", value:"2023/07/11");
script_set_attribute(attribute:"patch_publication_date", value:"2023/07/11");
script_set_attribute(attribute:"plugin_publication_date", value:"2023/09/14");
script_set_attribute(attribute:"plugin_type", value:"remote");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:ruggedcom_rox_mx5000_firmware");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:ruggedcom_rox_mx5000re_firmware");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:ruggedcom_rox_rx1400_firmware");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:ruggedcom_rox_rx1500_firmware");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:ruggedcom_rox_rx1501_firmware");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:ruggedcom_rox_rx1510_firmware");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:ruggedcom_rox_rx1511_firmware");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:ruggedcom_rox_rx1512_firmware");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:ruggedcom_rox_rx1524_firmware");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:ruggedcom_rox_rx1536_firmware");
script_set_attribute(attribute:"cpe", value:"cpe:/o:siemens:ruggedcom_rox_rx5000_firmware");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Tenable.ot");
script_copyright(english:"This script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("tenable_ot_api_integration.nasl");
script_require_keys("Tenable.ot/Siemens");
exit(0);
}
include('tenable_ot_cve_funcs.inc');
get_kb_item_or_exit('Tenable.ot/Siemens');
var asset = tenable_ot::assets::get(vendor:'Siemens');
var vuln_cpes = {
"cpe:/o:siemens:ruggedcom_rox_mx5000_firmware" :
{"versionEndExcluding" : "2.16.0", "family" : "RuggedCom"},
"cpe:/o:siemens:ruggedcom_rox_mx5000re_firmware" :
{"versionEndExcluding" : "2.16.0", "family" : "RuggedCom"},
"cpe:/o:siemens:ruggedcom_rox_rx1400_firmware" :
{"versionEndExcluding" : "2.16.0", "family" : "RuggedCom"},
"cpe:/o:siemens:ruggedcom_rox_rx1500_firmware" :
{"versionEndExcluding" : "2.16.0", "family" : "RuggedCom"},
"cpe:/o:siemens:ruggedcom_rox_rx1501_firmware" :
{"versionEndExcluding" : "2.16.0", "family" : "RuggedCom"},
"cpe:/o:siemens:ruggedcom_rox_rx1510_firmware" :
{"versionEndExcluding" : "2.16.0", "family" : "RuggedCom"},
"cpe:/o:siemens:ruggedcom_rox_rx1511_firmware" :
{"versionEndExcluding" : "2.16.0", "family" : "RuggedCom"},
"cpe:/o:siemens:ruggedcom_rox_rx1512_firmware" :
{"versionEndExcluding" : "2.16.0", "family" : "RuggedCom"},
"cpe:/o:siemens:ruggedcom_rox_rx1524_firmware" :
{"versionEndExcluding" : "2.16.0", "family" : "RuggedCom"},
"cpe:/o:siemens:ruggedcom_rox_rx1536_firmware" :
{"versionEndExcluding" : "2.16.0", "family" : "RuggedCom"},
"cpe:/o:siemens:ruggedcom_rox_rx5000_firmware" :
{"versionEndExcluding" : "2.16.0", "family" : "RuggedCom"}
};
tenable_ot::cve::compare_and_report(asset:asset, cpes:vuln_cpes, severity:SECURITY_HOLE);
Vendor | Product | Version | CPE |
---|---|---|---|
siemens | ruggedcom_rox_rx1400_firmware | cpe:/o:siemens:ruggedcom_rox_rx1400_firmware | |
siemens | ruggedcom_rox_rx5000_firmware | cpe:/o:siemens:ruggedcom_rox_rx5000_firmware | |
siemens | ruggedcom_rox_rx1501_firmware | cpe:/o:siemens:ruggedcom_rox_rx1501_firmware | |
siemens | ruggedcom_rox_rx1500_firmware | cpe:/o:siemens:ruggedcom_rox_rx1500_firmware | |
siemens | ruggedcom_rox_rx1512_firmware | cpe:/o:siemens:ruggedcom_rox_rx1512_firmware | |
siemens | ruggedcom_rox_mx5000_firmware | cpe:/o:siemens:ruggedcom_rox_mx5000_firmware | |
siemens | ruggedcom_rox_mx5000re_firmware | cpe:/o:siemens:ruggedcom_rox_mx5000re_firmware | |
siemens | ruggedcom_rox_rx1536_firmware | cpe:/o:siemens:ruggedcom_rox_rx1536_firmware | |
siemens | ruggedcom_rox_rx1524_firmware | cpe:/o:siemens:ruggedcom_rox_rx1524_firmware | |
siemens | ruggedcom_rox_rx1510_firmware | cpe:/o:siemens:ruggedcom_rox_rx1510_firmware |
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
AI Score
Confidence
High
EPSS
Percentile
45.0%