CBC Padding Vulnerability in Siemens RuggedCom ROS and ROX II
CVE-2015-5537

Currently unrated

Key Information:

Vendor

Siemens
Status
Ruggedcom Rugged Operating System
Ruggedcom Rox Ii Firmware
Vendor
CVE Published:
3 August 2015

What is CVE-2015-5537?

The SSL implementation in the HTTPS service of Siemens RuggedCom ROS versions prior to 4.2.0 and ROX II suffers from improper handling of CBC padding. This weakness allows man-in-the-middle attackers to exploit a padding-oracle attack, potentially decrypting sensitive information transmitted over the network. This vulnerability differs from others, notably affecting the confidentiality of data in transit.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securitytracker.com/id/1033022
vdb-entryx_refsource_SECTRACK
http://www.siemens.com/innovation/pool/de/forschungsfelde...
x_refsource_CONFIRM
https://ics-cert.us-cert.gov/advisories/ICSA-15-202-03A
x_refsource_MISC

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.