Multiple vulnerabilities in Siemens RUGGEDCOM ROX



Published: 2021-09-17
Risk Medium
Patch available YES
Number of vulnerabilities 3
CVE-ID CVE-2021-37173
CVE-2021-37174
CVE-2021-37175
CWE-ID CWE-200
CWE-250
CWE-264
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe
RUGGEDCOM ROX MX5000
Hardware solutions / Firmware

RUGGEDCOM ROX RX1400
Hardware solutions / Firmware

RUGGEDCOM ROX RX1500
Hardware solutions / Firmware

RUGGEDCOM ROX RX1501
Hardware solutions / Firmware

RUGGEDCOM ROX RX1510
Hardware solutions / Firmware

RUGGEDCOM ROX RX1511
Hardware solutions / Firmware

RUGGEDCOM ROX RX1512
Hardware solutions / Firmware

RUGGEDCOM ROX RX1524
Hardware solutions / Firmware

RUGGEDCOM ROX RX1536
Hardware solutions / Firmware

RUGGEDCOM ROX RX5000
Hardware solutions / Firmware

Vendor

Security Bulletin

This security bulletin contains information about 3 vulnerabilities.

1) Information disclosure

EUVDB-ID: #VU56672

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-37173

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to excessive data output by the application in the Secure Shell (SSH). A remote authenticated attacker can gain unauthorized access to sensitive information on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

RUGGEDCOM ROX MX5000: before 2.14.1

RUGGEDCOM ROX RX1400: before 2.14.1

RUGGEDCOM ROX RX1500: before 2.14.1

RUGGEDCOM ROX RX1501: before 2.14.1

RUGGEDCOM ROX RX1510: before 2.14.1

RUGGEDCOM ROX RX1511: before 2.14.1

RUGGEDCOM ROX RX1512: before 2.14.1

RUGGEDCOM ROX RX1524: before 2.14.1

RUGGEDCOM ROX RX1536: before 2.14.1

RUGGEDCOM ROX RX5000: before 2.14.1

External links

http://cert-portal.siemens.com/productcert/pdf/ssa-150692.pdf


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Execution with unnecessary privileges

EUVDB-ID: #VU56673

Risk: Medium

CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-37174

CWE-ID: CWE-250 - Execution with Unnecessary Privileges

Exploit availability: No

Description

The vulnerability allows a remote attacker to escalate privileges on the system.

The vulnerability exists due to application binary has a setuid bit. A remote authenticated attacker can run the affected binary and execute arbitrary code on the system with root privileges.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

RUGGEDCOM ROX MX5000: before 2.14.1

RUGGEDCOM ROX RX1400: before 2.14.1

RUGGEDCOM ROX RX1500: before 2.14.1

RUGGEDCOM ROX RX1501: before 2.14.1

RUGGEDCOM ROX RX1510: before 2.14.1

RUGGEDCOM ROX RX1511: before 2.14.1

RUGGEDCOM ROX RX1512: before 2.14.1

RUGGEDCOM ROX RX1524: before 2.14.1

RUGGEDCOM ROX RX1536: before 2.14.1

RUGGEDCOM ROX RX5000: before 2.14.1

External links

http://cert-portal.siemens.com/productcert/pdf/ssa-150692.pdf


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU56674

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-37175

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a remote attacker to escalate privileges on the system.

The vulnerability exists due to the affected devices do not properly handle permissions to traverse the file system. A remote authenticated attacker can gain access to an overview of the overview of the complete file system on the affected devices.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

RUGGEDCOM ROX MX5000: before 2.14.1

RUGGEDCOM ROX RX1400: before 2.14.1

RUGGEDCOM ROX RX1500: before 2.14.1

RUGGEDCOM ROX RX1501: before 2.14.1

RUGGEDCOM ROX RX1510: before 2.14.1

RUGGEDCOM ROX RX1511: before 2.14.1

RUGGEDCOM ROX RX1512: before 2.14.1

RUGGEDCOM ROX RX1524: before 2.14.1

RUGGEDCOM ROX RX1536: before 2.14.1

RUGGEDCOM ROX RX5000: before 2.14.1

External links

http://cert-portal.siemens.com/productcert/pdf/ssa-150692.pdf


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###