Remote Access Vulnerability in Siemens RuggedCom ROS
CVE-2013-6926

Currently unrated

Key Information:

Vendor: Siemens
Status: Ruggedcom Rugged Operating System
Vendor: CVE Published:; 17 December 2013

Summary

In the integrated HTTPS server of Siemens RuggedCom ROS prior to version 3.12.2, a vulnerability exists that enables remote authenticated users to circumvent intended administrative restrictions. This is achieved by exploiting access through either a guest or operator account, potentially allowing unauthorized actions within the system. Users must ensure they upgrade to the latest version to mitigate this risk.

References

http://ics-cert.us-cert.gov/advisories/ICSA-13-340-01

x_refsource_MISC

http://www.siemens.com/innovation/pool/de/forschungsfelde...

x_refsource_CONFIRM

Timeline

Vulnerability published
Dec 17, 2013
Vulnerability Reserved
Dec 3, 2013