Remote Information Disclosure in Siemens RUGGEDCOM ROS
CVE-2015-7836

Currently unrated

Key Information:

Vendor: Siemens
Status: Ruggedcom Rugged Operating System
Vendor: CVE Published:; 28 October 2015

What is CVE-2015-7836?

A vulnerability in Siemens RUGGEDCOM ROS prior to version 4.2.1 permits remote attackers to glean sensitive VLAN information by intercepting Ethernet frames on the network. This flaw could expose critical network configuration data, making it essential for organizations to assess their network security protocols and update to secure versions to mitigate potential risks.

References

http://www.siemens.com/cert/pool/cert/siemens_security_ad...

x_refsource_CONFIRM

http://www.securitytracker.com/id/1033973

vdb-entryx_refsource_SECTRACK

https://ics-cert.us-cert.gov/advisories/ICSA-15-300-01

x_refsource_MISC

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 28, 2015
Vulnerability Reserved
Oct 15, 2015