QID 591259
Date Published: 2023-01-06
QID 591259: Siemens RUGGEDCOM Devices Inadequate Encryption Strength Vulnerability (ICSA-22-069-01, SSA-764417)
AFFECTED PRODUCTS
RUGGEDCOM ROS i800 V4.X: All Versions.
RUGGEDCOM ROS i801 V4.X: All Versions.
RUGGEDCOM ROS i802 V4.X: All Versions.
RUGGEDCOM ROS i803 V4.X: All Versions.
RUGGEDCOM ROS RMC30 V4.X: All Versions.
RUGGEDCOM ROS RMC8388 V4.X: All Versions.
RUGGEDCOM ROS RP110 V4.X: All Versions.
RUGGEDCOM ROS RS1600 V4.X: All Versions.
RUGGEDCOM ROS RS1600F V4.X: All Versions.
RUGGEDCOM ROS RS1600T V4.X: All Versions.
RUGGEDCOM ROS RS400 V4.X: All Versions.
RUGGEDCOM ROS RS401 V4.X: All Versions.
RUGGEDCOM ROS RS416Pv2 V4.X: All Versions.
RUGGEDCOM ROS RS416v2 V4.X: All Versions.
RUGGEDCOM ROS RS8000 V4.X: All Versions.
RUGGEDCOM ROS RS8000A V4.X: All Versions.
RUGGEDCOM ROS RS8000H V4.X: All Versions.
RUGGEDCOM ROS RS8000T V4.X: All Versions.
RUGGEDCOM ROS RS900 (32M) V4.X: All Versions.
RUGGEDCOM ROS RS900 V4.X: All Versions.
RUGGEDCOM ROS RS900G (32M) V4.X: All Versions.
RUGGEDCOM ROS RS900G V4.X: All Versions.
RUGGEDCOM ROS RS900GP V4.X: All Versions.
RUGGEDCOM ROS RS900L V4.X: All Versions.
RUGGEDCOM ROS RS900M V4.X: All Versions.
RUGGEDCOM ROS RS900W V4.X: All Versions.
RUGGEDCOM ROS RS910 V4.X: All Versions.
RUGGEDCOM ROS RS910L V4.X: All Versions.
RUGGEDCOM ROS RS910W V4.X: All Versions.
RUGGEDCOM ROS RS920L V4.X: All Versions.
RUGGEDCOM ROS RS920W V4.X: All Versions.
RUGGEDCOM ROS RS930L V4.X: All Versions.
RUGGEDCOM ROS RS930W V4.X: All Versions.
RUGGEDCOM ROS RS940G V4.X: All Versions.
RUGGEDCOM ROS RSG2100 (32M) V4.X: All Versions.
RUGGEDCOM ROS RSG2100 V4.X: All Versions.
RUGGEDCOM ROS RSG2100P V4.X: All Versions.
RUGGEDCOM ROS RSG2200 V4.X: All Versions.
RUGGEDCOM ROS RSG2288 V4.X: All Versions.
RUGGEDCOM ROS RSG2300 V4.X: All Versions.
RUGGEDCOM ROS RSG2300P V4.X: All Versions.
RUGGEDCOM ROS RSG2488 V4.X: All Versions.
RUGGEDCOM ROS RMC8388 V5.X: All Versions prior to v5.7.0.
RUGGEDCOM ROS RS416Pv2 V5.X: All Versions prior to v5.7.0.
RUGGEDCOM ROS RS416v2 V5.X: All Versions prior to v5.7.0.
RUGGEDCOM ROS RS900 (32M) V5.X: All Versions prior to v5.7.0.
RUGGEDCOM ROS RS900G (32M) V5.X: All Versions prior to v5.7.0.
RUGGEDCOM ROS RSG2100 (32M) V5.X: All Versions prior to v5.7.0.
RUGGEDCOM ROS RSG2288 V5.X: All Versions prior to v5.7.0.
RUGGEDCOM ROS RSG2300P V5.X: All Versions prior to v5.7.0.
RUGGEDCOM ROS RSG2300 V5.X: All Versions prior to v5.7.0.
RUGGEDCOM ROS RSG2488 V5.X: All Versions prior to v5.7.0.
RUGGEDCOM ROS RSG907R V5.X: All Versions prior to v5.7.0.
RUGGEDCOM ROS RSG908C V5.X: All Versions prior to v5.7.0.
RUGGEDCOM ROS RSG909R V5.X: All Versions prior to v5.7.0.
RUGGEDCOM ROS RSG910C V5.X: All Versions prior to v5.7.0.
RUGGEDCOM ROS RSG920P V4.X: All Versions prior to v5.7.0.
RUGGEDCOM ROS RSG920P V5.X: All Versions prior to v5.7.0.
RUGGEDCOM ROS RSL910 V5.X: All Versions prior to v5.7.0.
RUGGEDCOM ROS RST2228 V5.X: All Versions prior to v5.7.0.
RUGGEDCOM ROS RST2228P V5.X: All Versions prior to v5.7.0.
RUGGEDCOM ROS RST916C V5.X: All Versions prior to v5.7.0.
RUGGEDCOM ROS RST916P V5.X: All Versions prior to v5.7.0.
QID Detection Logic:
This QID checks for the Vulnerable version of Siemens RUGGEDCOM Devices using passive scanning
Successful exploitation of this vulnerability could allow an authorized threat actor to obtain privileges to access passwords.
Customers are advised to refer to CERT MITIGATIONS section ICSA-22-069-01 or Siemens MITIGATIONS section SSA-764417 for affected packages and patching details.
- ICSA-22-069-01 -
www.cisa.gov/uscert/ics/advisories/icsa-22-069-01
CVEs related to QID 591259
| Advisory ID | Software | Component | Link |
|---|---|---|---|
| ICSA-22-069-01 |
www.cisa.gov/uscert/ics/advisories/icsa-22-069-01 |
||
| SSA-764417 |
cert-portal.siemens.com/productcert/html/ssa-764417.html |