RuggedCom Rugged Operating System < 3.12.2 Multiple Security Vulnerabilities

High Nessus Network Monitor Plugin ID 8027


The remote host is running a vulnerable version of the RuggedCom Rugged Operating System (ROS).


RuggedCom is a company specializing in building durable devices which are often deployed in harsh conditions. Given this, RuggedCom devices are oftentimes found within ICS/SCADA networks. Versions of the ROS prior to 3.12.2 are known to have the following security-related vulnerabilities:

-The integrated web server (port 443/tcp) of the affected device might allow attackers to guess the session id of an active web session and hijack it.

-The integrated web server (port 443/tcp) of the affected device might allow attackers with unprivileged accounts (guest or operator) to perform limited administrative operations over the network.

- A security bypass in the web interface might allow unauthorized/unprivileged users to modify system alarms.

- The 'weak password' alarm does not properly notify the user in the event a weak password is configured, which could lead to easier brute forcing by an attacker.

- Auto-generated SSH/SSL credentials might overwrite user-installed credentials in certain situations.

- Several other bugs exist related to default guest and operator accounts, as well as system time discrepancies.


The vendor has released an update. Update to ROS version 3.12.2 or later, and ensure that access to this server is restricted to only trusted hosts/networks.

See Also

Plugin Details

Severity: High

ID: 8027

File Name: 8027.prm

Family: SCADA

Published: 2013/10/16

Modified: 2016/02/05

Dependencies: 6888

Nessus ID: 70351

Risk Information

Risk Factor: High


Base Score: 8.3

Temporal Score: 6.5

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:C

Temporal Vector: CVSS2#E:POC/RL:OF/RC:C


Base Score: 6.9

Temporal Score: 6.2


Temporal Vector: CVSS3#E:P/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:siemens:ruggedcom_rugged_operating_system

Patch Publication Date: 2013/10/03

Vulnerability Publication Date: 2013/10/03

Reference Information

CVE: CVE-2013-6925, CVE-2013-6926

BID: 61986, 62798, 64155

OSVDB: 98112, 98113, 98114, 100680, 100681