Password Hash Exposure in Siemens Ruggedcom Devices
CVE-2015-1357

Currently unrated

Key Information:

Vendor: Siemens
Status: Ruggedcom Firmware
Vendor: CVE Published:; 2 February 2015

What is CVE-2015-1357?

Siemens Ruggedcom WIN51xx, WIN52xx, WIN70xx, and WIN72xx devices with outdated firmware are susceptible to a vulnerability that allows malicious actors to obtain password hashes. This issue stems from improper file and security log handling, enabling potential exploitation by context-dependent attackers to read sensitive information, thereby compromising device security integrity.

References

http://www.siemens.com/innovation/pool/de/forschungsfelde...

x_refsource_CONFIRM

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 2, 2015
Vulnerability Reserved
Jan 26, 2015