42 matches found
Exploit for CVE-2012-1803
CVE-2012-1803 Critical vulnerability in Siemens Rugge...
Siemens RUGGEDCOM ROS Improper Input Validation (CVE-2025-40935)
Affected devices do not properly validate input during the TLS certificate upload process of the web service. This could allow an authenticated remote attacker to trigger a device crash and reboot, leading to a temporary Denial of Service on the device. This plugin only works with Tenable.ot...
Resource Allocation in Siemens RUGGEDCOM Allocation of Resources Without Limits or Throttling (CVE-2023-39269)
The web server of the affected devices contains a vulnerability that may lead to a denial of service condition. An attacker may cause total loss of availability of the web server, which might recover after the attack is over. This plugin only works with Tenable.ot. Please visit...
Siemens RUGGEDCOM ROS Improper Control of Generation of Code (CVE-2022-34663)
Affected devices are vulnerable to a web-based code injection attack via the console. An attacker could exploit this vulnerability to inject code into the web server and cause malicious behavior in legitimate users accessing certain web resources on the affected device. This plugin only works wit...
Network Mirroring in Siemens RUGGEDCOM Incorrect Provision of Specified Functionality (CVE-2023-24845)
The affected products insufficiently block data from being forwarded over the mirror port into the mirrored network. An attacker could use this behavior to transmit malicious packets to systems in the mirrored network, possibly influencing their configuration and runtime behavior. This plugin onl...
Siemens RUGGEDCOM ROS Devices Integer Overflow or Wraparound (CVE-2021-42019)
Within a third-party component, the process to allocate partition size fails to check memory boundaries. Therefore, if a large amount is requested by an attacker, due to an integer-wrap around, it could result in a small size being allocated instead. This plugin only works with Tenable.ot. Please...
Siemens RUGGEDCOM ROS Devices Improper Neutralization of Input During Web Page Generation (CVE-2021-37208)
Improper neutralization of special characters on the web server configuration page could allow an attacker, in a privileged position, to retrieve sensitive information via cross-site scripting. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for mo...
Siemens RUGGEDCOM ROS Devices Observable Timing Discrepancy (CVE-2021-42016)
A timing attack, in a third-party component, could make the retrieval of the private key possible, used for encryption of sensitive data. If a threat actor were to exploit this, the data integrity and security could be compromised. This plugin only works with Tenable.ot. Please visit...
Siemens RUGGEDCOM ROS Devices Improper Check for Unusual or Exceptional Conditions (CVE-2021-42020)
The third-party component, in its TFTP functionality fails to check for null terminations in file names. If an attacker were to exploit this, it could result in data corruption, and possibly a hard-fault of the application. This plugin only works with Tenable.ot. Please visit...
EUVD-2017-4275
Malware in sbrugna...
EUVD-2021-18770
Malware in sbrugna...
Siemens RUGGEDCOM ROS Devices
SUMMARY Multiple vulnerabilities affect the RUGGEDCOM Operating System ROS. Siemens has released new versions for several affected products and recommends to update to the latest versions. Siemens is preparing further fix versions and recommends countermeasures for products where fixes are not,...
Siemens RUGGEDCOM ROS Information Disclosure Vulnerability (CNVD-2024-31236)
Siemens RuggedCom ROS is an operating system from Siemens, Germany, used in the RuggedCom series of switches. An information disclosure vulnerability exists in Siemens RUGGEDCOM ROS, which can be exploited by an attacker to retrieve a MACSEC key and access decrypt Ethernet frames sent by an...
Siemens RUGGEDCOM Series 信息泄露漏洞
Siemens RuggedCom ROS is an operating system from Siemens, Germany, used in the RuggedCom series of switches. An information disclosure vulnerability exists in Siemens RUGGEDCOM ROS, which can be exploited by an attacker to force a password offline using obtained information...
Siemens RUGGEDCOM ROS
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please seeSiemens' ProductCERT Security Advisories CERT Services | Services |...
Siemens RUGGEDCOM ROS
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please seeSiemens' ProductCERT Security Advisories CERT Services | Services |...
Siemens RUGGEDCOM ROS Code Injection
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please seeSiemens' ProductCERT Security Advisories CERT Services | Services |...
Siemens RUGGEDCOM ROS has an unspecified vulnerability (CNVD-2022-17784)
Siemens RuggedCom ROS is an operating system used in the RuggedCom family of switches from Siemens, Germany. Siemens RUGGEDCOM ROS has a security vulnerability that could be exploited by attackers to act as a man-in-the-middle and eavesdrop on encrypted communications...
Siemens RUGGEDCOM 缓冲区错误漏洞
Siemens RuggedCom ROS is an operating system used in the RuggedCom family of switches from Siemens, Germany. Siemens RUGGEDCOM ROS suffers from a heap buffer overflow vulnerability that can be exploited by attackers to cause a heap overflow...
Siemens RUGGEDCOM ROS
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please seeSiemens' ProductCERT Security Advisories CERT Services | Services |...