Siemens Fixes RuggedCom Vulnerability

Friday, February 21, 2014 @ 01:02 PM gHale

Siemens created a firmware update that mitigates an uncontrolled resource consumption vulnerability in the RuggedCom ROS v3.12, according to a report on ICS-CERT.

Siemens continues to develop firmware updates that mitigate the vulnerability in ROS v3.11 and prior, or ROS v4.0.

Mitsubishi Fixes ActiveX Control
ICONICS Patches ActiveX Control Bug
MatrikonOPC Patches Vulnerability
Siemens Fixes SIMATIC Vulnerabilities

The vulnerability, discovered by researchers Ling Toh Koh, Ng Yi Teng, Seyed Dawood Sajjadi Torshizi, Ryan Lee, and Ho Ping Hou of EV-Dynamic, Malaysia, is remotely exploitable.

The following RuggedCom ROS-based devices suffer from the issue:
• All ROS versions prior to 3.11
• ROS 3.11 (for RS950G): all versions
• ROS 3.12: all versions prior to ROS v3.12.4
• ROS 4.0 (for RSG2488).

Successful exploitation of this vulnerability may result in attackers causing a denial of service (DoS).

Siemens is a multinational company headquartered in Munich, Germany.

The affected products, RuggedCom ROS-based products, are switches and serial-to-Ethernet devices. RuggedCom ROS-based products operate in harsh environments such as electric utility substations and traffic control cabinets. Siemens said these products see use primarily in the United States and Europe with a small percentage in Asia.

The implementation of the Simple Network Management Protocol (SNMP) in the affected devices might allow attackers to perform a DoS attack against the device’s IP management interface by sending specially crafted packets over the network without authentication. Switching functionality is not affected and special and uncommon conditions must be fulfilled to perform this attack. After a manual cold restart of the device, access to the IP management interface ends up restored.

CVE-2014-1966b is the case number assigned to this vulnerability, which has a CVSS v2 base score of 2.6.

No known public exploits specifically target this vulnerability. An attacker with a high skill would be able to exploit this vulnerability.

RuggedCom/Siemens has provided firmware update ROS v3.12.4 that mitigates the potential vulnerability for RuggedCom products running ROS v3.12.

Firmware updates that fix the potential vulnerability for RuggedCom products running ROS v3.11 and prior, or ROS v4.0 are in preparation. The advisory will update when the new releases are available.

The firmware update is available for free by emailing RuggedCom support.

Click here for the Siemens security advisory.

Leave a Reply

You must be logged in to post a comment.