Backdoor Vulnerability in Rugged Operating System by RuggedCom
CVE-2012-1803

Currently unrated

Key Information:

Vendor: Siemens
Status: Ruggedcom Rugged Operating System
Vendor: CVE Published:; 28 April 2012

Summary

The Rugged Operating System (ROS) by RuggedCom has a significant security flaw where a factory default account can be accessed using a password derived from the MAC address displayed in the system's banner. This design vulnerability enables attackers to easily calculate this password, allowing them to establish unauthorized access through various means, including TELNET, remote shell, or a serial-console session. Such access could potentially compromise sensitive systems, especially in SCADA environments.

References

http://www.wired.com/threatlevel/2012/04/ruggedcom-backdoor/

x_refsource_MISC

http://www.exploit-db.com/exploits/18779

exploitx_refsource_EXPLOIT-DB

https://exchange.xforce.ibmcloud.com/vulnerabilities/75120

vdb-entryx_refsource_XF

EPSS Score

61% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Apr 28, 2012
Vulnerability Reserved
Mar 21, 2012