Network Security Vulnerability in Siemens RUGGEDCOM ROS
CVE-2015-6675

Currently unrated

Key Information:

Vendor: Siemens
Status: Ruggedcom Rugged Operating System
Vendor: CVE Published:; 11 September 2015

What is CVE-2015-6675?

The Siemens RUGGEDCOM ROS software versions 3.8.0 through 4.1.x feature a vulnerability that permanently enables the IP forwarding function. This misconfiguration permits remote attackers to circumvent VLAN isolation controls by routing unauthorized IP traffic. Organizations using this software are encouraged to assess their network configurations to ensure VLAN security measures are adequately enforced.

References

http://www.siemens.com/cert/pool/cert/siemens_security_ad...

x_refsource_CONFIRM

http://www.securitytracker.com/id/1033478

vdb-entryx_refsource_SECTRACK

https://ics-cert.us-cert.gov/advisories/ICSA-15-244-01

x_refsource_MISC

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 11, 2015
Vulnerability Reserved
Aug 26, 2015