Siemens RuggedCom Rugged Operating System (ROS) before 3.12, ROX I OS through 1.14.5, ROX II OS through 2.3.0, and RuggedMax OS through 4.2.1.4621.22 use hardcoded private keys for SSL and SSH communication, which makes it easier for man-in-the-middle attackers to spoof servers and decrypt network traffic by leveraging the availability of these keys within ROS files at all customer installations.
CPE | Name | Operator | Version |
---|---|---|---|
ros | le | 3.11.0 | |
rox_i_os | le | 1.14.5 | |
rox_ii_os | le | 2.3.0 | |
ruggedmax_os | le | 4.2.1.4621.22 |