Siemens RUGGEDCOM ROX-based Devices NTP Vulnerabilities

OVERVIEW Siemens has reported to NCCIC/ICS-CERT that NTP daemon vulnerabilities exist in the Siemens RUGGEDCOM ROX-based devices. Siemens has produced firmware updates to mitigate these vulnerabilities. These vulnerabilities could be exploited remotely. AFFECTED PRODUCTS The following Siemens...

Siemens RuggedCom ROS和ROX设备信息泄露

No description provided by source...

Siemens RUGGEDCOM ROS IP forwarding Vulnerability(CVE-2 0 1 5-6 6 7 5)-vulnerability warning-the black bar safety net

Affected system: Siemens RuggedCom ROS 3.8.0-4.2.0 Description: CVECAN ID: CVE-2 0 1 5-6 6 7 5 Siemens RuggedCom ROS and ROX devices used in harsh environments for equipment connections, such as substations, traffic management, chassis, etc. RUGGEDCOM ROS 3.8.0-4.2.0 version of the IP forwarding...

Security feature bypass

The SSL layer of the HTTPS service in Siemens RuggedCom ROS before 4.2.0 and ROX II does not properly implement CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, a different vulnerability than CVE-2014-3566...

CVE-2015-5537

Technical details about CVE-2015-5537 are not publicly provided in the supplied documents. No product/version/root-cause/impact/fix information is present here. Monitor for updates.

Siemens multiple products there is a security problem, the part of the patch has been released-vulnerability warning-the black bar safety net

Siemens recently released software and firmware security update, saying the company multiple products there are security issues, users are advised to update ASAP. ICS-CERT and Siemens announcement that the SIPROTEC 4 and SIPROTEC Compact devices recently have been affected by the vulnerability...

Siemens RUGGEDCOM ROS and ROX-based Devices TLS POODLE Vulnerability (Update B)

OVERVIEW This updated advisory is a follow-up to the advisory titled ICSA-15-202-03A Siemens RUGGEDCOM ROS and ROX Based Devices TLS POODLE Vulnerability that was published July 25, 2015, on the NCCIC/ICS-CERT web site. Siemens has reported to ICS-CERT that a Transport Layer Security TLS Padding...

Siemens Patches DoS Vulnerability in SIMATIC S7

Siemens released an update for one of its automation systems late last week, patching a denial of service vulnerability in all versions of its SIMATIC S7-1500 CPU prior to V1.6. An advisory on the Industrial Control Systems Cyber Emergency Response Team’s ICS-CERT website warned about the...

Siemens Patches Five Vulnerabilities in SIMATIC System

Siemens released an update for two builds of its SIMATIC automation system this week, addressing a quintet of vulnerabilities, four of which are remotely exploitable. The German company’s SIMATIC WinCC, a SCADA system and SIMATIC PCS7, a distributed control system DCS are directly affected by the...

Siemens Working on Patches for OpenSSL Bugs Under Exploit

Siemens says it is working on patches for four critical vulnerabilities in the OpenSSL libraries it uses in a number of its industrial control products, flaws that are being exploited in the wild. The Industrial Control Systems Cyber Emergency Response Team ICS-CERT cautioned too that critical...

CVE-2012-4698

CVE-2012-4698 affects Siemens RuggedCom ROS family (ROS

CVE-2002-1956

CVE-2002-1956 affects ROX Filer versions 1.1.9 and 1.2. The issue is due to world-writable permissions, enabling local users to write to arbitrary files. No remediation or exploit details are provided in the connected documents.

CVE-2002-1956

ROX Filer 1.1.9 and 1.2 is installed with world writable permissions, which allows local users to write to arbitrary files...

CVE-2002-1956

ROX Filer 1.1.9 and 1.2 is installed with world writable permissions, which allows local users to write to arbitrary files...

CVE-2002-1956

ROX Filer 1.1.9 and 1.2 is installed with world writable permissions, which allows local users to write to arbitrary files...

DEBIAN-CVE-2002-1956

ROX Filer 1.1.9 and 1.2 is installed with world writable permissions, which allows local users to write to arbitrary files...

CVE-2002-1956

ROX Filer 1.1.9 and 1.2 is installed with world writable permissions, which allows local users to write to arbitrary files...