ssa-764417
Vulnerability from csaf_siemens
Published
2022-03-08 00:00
Modified
2023-11-14 00:00
Summary
SSA-764417: Weak Encryption Vulnerability in RUGGEDCOM ROS Devices
Notes
Summary
The SSH server on RUGGEDCOM ROS devices is configured to offer weak ciphers by default. This could allow an unauthorized attacker in a man-in-the-middle position to read and modify any data passed over the connection between legitimate clients and the affected device.
Siemens has released updates for the affected products and recommends to update to the latest versions.
General Recommendations
As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download:
https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.
Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity
Additional Resources
For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Terms of Use
Siemens Security Advisories are subject to the terms and conditions contained in Siemens' underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter "License Terms"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens' Global Website (https://www.siemens.com/terms_of_use, hereinafter "Terms of Use"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited. (TLPv2: TLP:CLEAR)",
"tlp": {
"label": "WHITE"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "The SSH server on RUGGEDCOM ROS devices is configured to offer weak ciphers by default. This could allow an unauthorized attacker in a man-in-the-middle position to read and modify any data passed over the connection between legitimate clients and the affected device.\n\nSiemens has released updates for the affected products and recommends to update to the latest versions.",
"title": "Summary"
},
{
"category": "general",
"text": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
"title": "General Recommendations"
},
{
"category": "general",
"text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "Siemens Security Advisories are subject to the terms and conditions contained in Siemens\u0027 underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter \"License Terms\"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens\u0027 Global Website (https://www.siemens.com/terms_of_use, hereinafter \"Terms of Use\"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "productcert@siemens.com",
"name": "Siemens ProductCERT",
"namespace": "https://www.siemens.com"
},
"references": [
{
"category": "self",
"summary": "SSA-764417: Weak Encryption Vulnerability in RUGGEDCOM ROS Devices - HTML Version",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-764417.html"
},
{
"category": "self",
"summary": "SSA-764417: Weak Encryption Vulnerability in RUGGEDCOM ROS Devices - CSAF Version",
"url": "https://cert-portal.siemens.com/productcert/csaf/ssa-764417.json"
},
{
"category": "self",
"summary": "SSA-764417: Weak Encryption Vulnerability in RUGGEDCOM ROS Devices - PDF Version",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-764417.pdf"
},
{
"category": "self",
"summary": "SSA-764417: Weak Encryption Vulnerability in RUGGEDCOM ROS Devices - TXT Version",
"url": "https://cert-portal.siemens.com/productcert/txt/ssa-764417.txt"
}
],
"title": "SSA-764417: Weak Encryption Vulnerability in RUGGEDCOM ROS Devices",
"tracking": {
"current_release_date": "2023-11-14T00:00:00Z",
"generator": {
"engine": {
"name": "Siemens ProductCERT CSAF Generator",
"version": "1"
}
},
"id": "SSA-764417",
"initial_release_date": "2022-03-08T00:00:00Z",
"revision_history": [
{
"date": "2022-03-08T00:00:00Z",
"legacy_version": "1.0",
"number": "1",
"summary": "Publication Date"
},
{
"date": "2022-03-11T00:00:00Z",
"legacy_version": "1.1",
"number": "2",
"summary": "Corrected the list of affected products and fix releases"
},
{
"date": "2022-04-12T00:00:00Z",
"legacy_version": "1.2",
"number": "3",
"summary": "Added acknowledgements"
},
{
"date": "2022-06-14T00:00:00Z",
"legacy_version": "1.3",
"number": "4",
"summary": "Corrected title, vulnerability description, CVSS vector and CWE ID; clarified that a fix release is currently not available for affected devices"
},
{
"date": "2022-08-09T00:00:00Z",
"legacy_version": "1.4",
"number": "5",
"summary": "Reflected a more accurate fix status in advisory"
},
{
"date": "2022-11-08T00:00:00Z",
"legacy_version": "1.5",
"number": "6",
"summary": "Reflect information about an upcoming fix. Highlight version lines of the affected devices"
},
{
"date": "2022-12-13T00:00:00Z",
"legacy_version": "1.6",
"number": "7",
"summary": "Added fix for RUGGEDCOM ROS V5.X devices"
},
{
"date": "2023-03-14T00:00:00Z",
"legacy_version": "1.7",
"number": "8",
"summary": "Added missing affected products. Added fix for RUGGEDCOM ROS devices using V4.X"
},
{
"date": "2023-11-14T00:00:00Z",
"legacy_version": "1.8",
"number": "9",
"summary": "Added missing affected products: RUGGEDCOM RS416v2 V4.X, RUGGEDCOM RS416Pv2 V4.X. Adjusted the name of RUGGEDCOM RS416v2 V5.X, RUGGEDCOM RS416Pv2 V5.X (added reference to V5.X)"
}
],
"status": "interim",
"version": "9"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.3.8",
"product": {
"name": "RUGGEDCOM i800",
"product_id": "1"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM i800"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.3.8",
"product": {
"name": "RUGGEDCOM i801",
"product_id": "2"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM i801"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.3.8",
"product": {
"name": "RUGGEDCOM i802",
"product_id": "3"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM i802"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.3.8",
"product": {
"name": "RUGGEDCOM i803",
"product_id": "4"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM i803"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.3.8",
"product": {
"name": "RUGGEDCOM M969",
"product_id": "5"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM M969"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.3.8",
"product": {
"name": "RUGGEDCOM M2100",
"product_id": "6"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM M2100"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.3.8",
"product": {
"name": "RUGGEDCOM M2200",
"product_id": "7"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM M2200"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.3.8",
"product": {
"name": "RUGGEDCOM RMC30",
"product_id": "8"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM RMC30"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.3.8",
"product": {
"name": "RUGGEDCOM RMC8388 V4.X",
"product_id": "9"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM RMC8388 V4.X"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV5.7.0",
"product": {
"name": "RUGGEDCOM RMC8388 V5.X",
"product_id": "10"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM RMC8388 V5.X"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.3.8",
"product": {
"name": "RUGGEDCOM RP110",
"product_id": "11"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM RP110"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.3.8",
"product": {
"name": "RUGGEDCOM RS400",
"product_id": "12"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM RS400"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.3.8",
"product": {
"name": "RUGGEDCOM RS401",
"product_id": "13"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM RS401"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.3.8",
"product": {
"name": "RUGGEDCOM RS416",
"product_id": "14"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM RS416"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.3.8",
"product": {
"name": "RUGGEDCOM RS416P",
"product_id": "15"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM RS416P"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.3.8",
"product": {
"name": "RUGGEDCOM RS416Pv2 V4.X",
"product_id": "16"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM RS416Pv2 V4.X"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV5.7.0",
"product": {
"name": "RUGGEDCOM RS416Pv2 V5.X",
"product_id": "17"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM RS416Pv2 V5.X"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.3.8",
"product": {
"name": "RUGGEDCOM RS416v2 V4.X",
"product_id": "18"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM RS416v2 V4.X"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV5.7.0",
"product": {
"name": "RUGGEDCOM RS416v2 V5.X",
"product_id": "19"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM RS416v2 V5.X"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.3.8",
"product": {
"name": "RUGGEDCOM RS900",
"product_id": "20"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM RS900"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.3.8",
"product": {
"name": "RUGGEDCOM RS900 (32M) V4.X",
"product_id": "21"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM RS900 (32M) V4.X"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV5.7.0",
"product": {
"name": "RUGGEDCOM RS900 (32M) V5.X",
"product_id": "22"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM RS900 (32M) V5.X"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.3.8",
"product": {
"name": "RUGGEDCOM RS900G",
"product_id": "23"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM RS900G"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.3.8",
"product": {
"name": "RUGGEDCOM RS900G (32M) V4.X",
"product_id": "24"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM RS900G (32M) V4.X"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV5.7.0",
"product": {
"name": "RUGGEDCOM RS900G (32M) V5.X",
"product_id": "25"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM RS900G (32M) V5.X"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.3.8",
"product": {
"name": "RUGGEDCOM RS900GP",
"product_id": "26"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM RS900GP"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.3.8",
"product": {
"name": "RUGGEDCOM RS900L",
"product_id": "27"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM RS900L"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.3.8",
"product": {
"name": "RUGGEDCOM RS900M-GETS-C01",
"product_id": "28"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM RS900M-GETS-C01"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.3.8",
"product": {
"name": "RUGGEDCOM RS900M-GETS-XX",
"product_id": "29"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM RS900M-GETS-XX"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.3.8",
"product": {
"name": "RUGGEDCOM RS900M-STND-C01",
"product_id": "30"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM RS900M-STND-C01"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.3.8",
"product": {
"name": "RUGGEDCOM RS900M-STND-XX",
"product_id": "31"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM RS900M-STND-XX"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.3.8",
"product": {
"name": "RUGGEDCOM RS900W",
"product_id": "32"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM RS900W"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.3.8",
"product": {
"name": "RUGGEDCOM RS910",
"product_id": "33"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM RS910"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.3.8",
"product": {
"name": "RUGGEDCOM RS910L",
"product_id": "34"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM RS910L"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.3.8",
"product": {
"name": "RUGGEDCOM RS910W",
"product_id": "35"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM RS910W"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.3.8",
"product": {
"name": "RUGGEDCOM RS920L",
"product_id": "36"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM RS920L"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.3.8",
"product": {
"name": "RUGGEDCOM RS920W",
"product_id": "37"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM RS920W"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.3.8",
"product": {
"name": "RUGGEDCOM RS930L",
"product_id": "38"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM RS930L"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.3.8",
"product": {
"name": "RUGGEDCOM RS930W",
"product_id": "39"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM RS930W"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.3.8",
"product": {
"name": "RUGGEDCOM RS940G",
"product_id": "40"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM RS940G"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.3.8",
"product": {
"name": "RUGGEDCOM RS969",
"product_id": "41"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM RS969"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.3.8",
"product": {
"name": "RUGGEDCOM RS1600",
"product_id": "42"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM RS1600"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.3.8",
"product": {
"name": "RUGGEDCOM RS1600F",
"product_id": "43"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM RS1600F"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.3.8",
"product": {
"name": "RUGGEDCOM RS1600T",
"product_id": "44"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM RS1600T"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.3.8",
"product": {
"name": "RUGGEDCOM RS8000",
"product_id": "45"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM RS8000"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.3.8",
"product": {
"name": "RUGGEDCOM RS8000A",
"product_id": "46"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM RS8000A"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.3.8",
"product": {
"name": "RUGGEDCOM RS8000H",
"product_id": "47"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM RS8000H"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.3.8",
"product": {
"name": "RUGGEDCOM RS8000T",
"product_id": "48"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM RS8000T"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV5.7.0",
"product": {
"name": "RUGGEDCOM RSG907R",
"product_id": "49"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM RSG907R"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV5.7.0",
"product": {
"name": "RUGGEDCOM RSG908C",
"product_id": "50"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM RSG908C"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV5.7.0",
"product": {
"name": "RUGGEDCOM RSG909R",
"product_id": "51"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM RSG909R"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV5.7.0",
"product": {
"name": "RUGGEDCOM RSG910C",
"product_id": "52"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM RSG910C"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.3.8",
"product": {
"name": "RUGGEDCOM RSG920P V4.X",
"product_id": "53"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM RSG920P V4.X"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV5.7.0",
"product": {
"name": "RUGGEDCOM RSG920P V5.X",
"product_id": "54"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM RSG920P V5.X"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.3.8",
"product": {
"name": "RUGGEDCOM RSG2100",
"product_id": "55"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM RSG2100"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.3.8",
"product": {
"name": "RUGGEDCOM RSG2100 (32M) V4.X",
"product_id": "56"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM RSG2100 (32M) V4.X"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV5.7.0",
"product": {
"name": "RUGGEDCOM RSG2100 (32M) V5.X",
"product_id": "57"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM RSG2100 (32M) V5.X"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.3.8",
"product": {
"name": "RUGGEDCOM RSG2100P",
"product_id": "58"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM RSG2100P"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.3.8",
"product": {
"name": "RUGGEDCOM RSG2200",
"product_id": "59"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM RSG2200"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.3.8",
"product": {
"name": "RUGGEDCOM RSG2288 V4.X",
"product_id": "60"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM RSG2288 V4.X"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV5.7.0",
"product": {
"name": "RUGGEDCOM RSG2288 V5.X",
"product_id": "61"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM RSG2288 V5.X"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.3.8",
"product": {
"name": "RUGGEDCOM RSG2300 V4.X",
"product_id": "62"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM RSG2300 V4.X"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV5.7.0",
"product": {
"name": "RUGGEDCOM RSG2300 V5.X",
"product_id": "63"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM RSG2300 V5.X"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.3.8",
"product": {
"name": "RUGGEDCOM RSG2300P V4.X",
"product_id": "64"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM RSG2300P V4.X"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV5.7.0",
"product": {
"name": "RUGGEDCOM RSG2300P V5.X",
"product_id": "65"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM RSG2300P V5.X"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV4.3.8",
"product": {
"name": "RUGGEDCOM RSG2488 V4.X",
"product_id": "66"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM RSG2488 V4.X"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV5.7.0",
"product": {
"name": "RUGGEDCOM RSG2488 V5.X",
"product_id": "67"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM RSG2488 V5.X"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV5.7.0",
"product": {
"name": "RUGGEDCOM RSL910",
"product_id": "68"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM RSL910"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV5.7.0",
"product": {
"name": "RUGGEDCOM RST916C",
"product_id": "69"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM RST916C"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV5.7.0",
"product": {
"name": "RUGGEDCOM RST916P",
"product_id": "70"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM RST916P"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV5.7.0",
"product": {
"name": "RUGGEDCOM RST2228",
"product_id": "71"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM RST2228"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV5.7.0",
"product": {
"name": "RUGGEDCOM RST2228P",
"product_id": "72"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM RST2228P"
}
],
"category": "vendor",
"name": "Siemens"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-37209",
"cwe": {
"id": "CWE-326",
"name": "Inadequate Encryption Strength"
},
"notes": [
{
"category": "summary",
"text": "The SSH server on affected devices is configured to offer weak ciphers by default.\r\n\r\nThis could allow an unauthorized attacker in a man-in-the-middle position to read and modify any data passed over the connection between legitimate clients and the affected device.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"6",
"7",
"5",
"8",
"9",
"10",
"11",
"42",
"43",
"44",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19",
"45",
"46",
"47",
"48",
"20",
"21",
"22",
"23",
"24",
"25",
"26",
"27",
"28",
"29",
"30",
"31",
"32",
"33",
"34",
"35",
"36",
"37",
"38",
"39",
"40",
"41",
"55",
"56",
"57",
"58",
"59",
"60",
"61",
"62",
"63",
"64",
"65",
"66",
"67",
"49",
"50",
"51",
"52",
"53",
"54",
"68",
"71",
"72",
"69",
"70"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Configure the SSH clients to make use of the following strong key exchange ciphers, supported by the ROS SSH server: ecdh-sha2-nistp256, ecdh-sha2-nistp384, or ecdh-sha2-nistp521",
"product_ids": [
"1",
"2",
"3",
"4",
"6",
"7",
"5",
"8",
"9",
"10",
"11",
"42",
"43",
"44",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19",
"45",
"46",
"47",
"48",
"20",
"21",
"22",
"23",
"24",
"25",
"26",
"27",
"28",
"29",
"30",
"31",
"32",
"33",
"34",
"35",
"36",
"37",
"38",
"39",
"40",
"41",
"55",
"56",
"57",
"58",
"59",
"60",
"61",
"62",
"63",
"64",
"65",
"66",
"67",
"49",
"50",
"51",
"52",
"53",
"54",
"68",
"71",
"72",
"69",
"70"
]
},
{
"category": "mitigation",
"details": "Add only trusted SSH client public keys to ROS and allow access to those clients only",
"product_ids": [
"1",
"2",
"3",
"4",
"6",
"7",
"5",
"8",
"9",
"10",
"11",
"42",
"43",
"44",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19",
"45",
"46",
"47",
"48",
"20",
"21",
"22",
"23",
"24",
"25",
"26",
"27",
"28",
"29",
"30",
"31",
"32",
"33",
"34",
"35",
"36",
"37",
"38",
"39",
"40",
"41",
"55",
"56",
"57",
"58",
"59",
"60",
"61",
"62",
"63",
"64",
"65",
"66",
"67",
"49",
"50",
"51",
"52",
"53",
"54",
"68",
"71",
"72",
"69",
"70"
]
},
{
"category": "vendor_fix",
"details": "Update to V4.3.8 or later version",
"product_ids": [
"1",
"2",
"3",
"4",
"6",
"7",
"5",
"8",
"9",
"11",
"42",
"43",
"44",
"12",
"13",
"14",
"16",
"18",
"45",
"46",
"47",
"48",
"20",
"21",
"23",
"24",
"26",
"27",
"32",
"33",
"34",
"35",
"36",
"37",
"38",
"39",
"40",
"41",
"55",
"56",
"58",
"59",
"60",
"62",
"64",
"66",
"53"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109816735/"
},
{
"category": "vendor_fix",
"details": "Update to V4.3.8 or later version",
"product_ids": [
"15",
"28",
"29",
"30",
"31"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109816735/"
},
{
"category": "vendor_fix",
"details": "Update to V5.7.0 or later version",
"product_ids": [
"10",
"17",
"19",
"22",
"25",
"57",
"61",
"63",
"65",
"67",
"49",
"50",
"51",
"52",
"54",
"68",
"71",
"72",
"69",
"70"
],
"url": "https://support.industry.siemens.com/cs/ww/en/view/109814608/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H/E:P/RL:U/RC:C",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"6",
"7",
"5",
"8",
"9",
"10",
"11",
"42",
"43",
"44",
"12",
"13",
"14",
"15",
"16",
"17",
"18",
"19",
"45",
"46",
"47",
"48",
"20",
"21",
"22",
"23",
"24",
"25",
"26",
"27",
"28",
"29",
"30",
"31",
"32",
"33",
"34",
"35",
"36",
"37",
"38",
"39",
"40",
"41",
"55",
"56",
"57",
"58",
"59",
"60",
"61",
"62",
"63",
"64",
"65",
"66",
"67",
"49",
"50",
"51",
"52",
"53",
"54",
"68",
"71",
"72",
"69",
"70"
]
}
],
"title": "CVE-2021-37209"
}
]
}
Loading...
Loading...
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.