RuggedCom RuggedOS < 3.12.2 Multiple Vulnerabilities

high Nessus Plugin ID 70351

Synopsis

The remote device is affected by multiple vulnerabilities.

Description

The self-reported version of the remote RuggedCom RuggedOS (ROS) device is a version prior to 3.12.2. It is, therefore, affected by multiple vulnerabilities, the worst of which could allow a remote, authenticated user to perform unauthorized configuration actions on the device.

Solution

Upgrade to RuggedCom RuggedOS version 3.12.2 or later.

See Also

http://www.nessus.org/u?48d7e2a4

Plugin Details

Severity: High

ID: 70351

File Name: scada_ruggedos_http_3_12_2.nbin

Version: 1.128

Type: remote

Family: SCADA

Published: 10/7/2013

Updated: 3/19/2024

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 8.3

Temporal Score: 6.9

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:C

CVSS Score Source: CVE-2013-6925

Vulnerability Information

CPE: cpe:/o:siemens:ruggedcom_rugged_operating_system

Required KB Items: www/scada_ruggedos

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 9/1/2013

Vulnerability Publication Date: 9/1/2013

Reference Information

CVE: CVE-2013-6925, CVE-2013-6926

BID: 61986, 62798, 64155

ICSA: 13-340-01