Remote Code Execution in Siemens RuggedCom ROS Management Interface
CVE-2014-2590

Currently unrated

Key Information:

Vendor: Siemens
Status: Ruggedcom Rugged Operating System
Vendor: CVE Published:; 1 April 2014

Summary

The web management interface of Siemens RuggedCom ROS, versions before 3.11, 3.11 before 3.11.5 for RS950G, 3.12, and 4.0 for RSG2488, exhibits a vulnerability that permits remote attackers to send specially crafted HTTP packets, resulting in a denial of service. This can lead to an outage of the interface, disrupting user access and functionality. Users should ensure they are using updated versions and follow security advisories to mitigate the risks.

References

http://ics-cert.us-cert.gov/advisories/ICSA-14-087-01

x_refsource_MISC

http://www.siemens.com/innovation/pool/de/forschungsfelde...

x_refsource_CONFIRM

Timeline

Vulnerability published
Apr 1, 2014
Vulnerability Reserved
Mar 24, 2014