RuggedCom Rugged Operating System < 3.12.2 Multiple Security Vulnerabilities

High Nessus Network Monitor Plugin ID 8027

Synopsis

The remote host is running a vulnerable version of the RuggedCom Rugged Operating System (ROS).

Description

RuggedCom is a company specializing in building durable devices which are often deployed in harsh conditions. Given this, RuggedCom devices are oftentimes found within ICS/SCADA networks. Versions of the ROS prior to 3.12.2 are known to have the following security-related vulnerabilities:

-The integrated web server (port 443/tcp) of the affected device might allow attackers to guess the session id of an active web session and hijack it.

-The integrated web server (port 443/tcp) of the affected device might allow attackers with unprivileged accounts (guest or operator) to perform limited administrative operations over the network.

- A security bypass in the web interface might allow unauthorized/unprivileged users to modify system alarms.

- The 'weak password' alarm does not properly notify the user in the event a weak password is configured, which could lead to easier brute forcing by an attacker.

- Auto-generated SSH/SSL credentials might overwrite user-installed credentials in certain situations.

- Several other bugs exist related to default guest and operator accounts, as well as system time discrepancies.

Solution

The vendor has released an update. Update to ROS version 3.12.2 or later, and ensure that access to this server is restricted to only trusted hosts/networks.

See Also

http://www.ruggedcom.com/pdfs/soft_history/ros_history/ros-cf52_main_v3-12-2.pdf

http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-324789.pdf

http://ics-cert.us-cert.gov/advisories/ICSA-13-340-01

Plugin Details

Severity: High

ID: 8027

File Name: 8027.prm

Family: SCADA

Published: 2013/10/16

Modified: 2016/02/05

Dependencies: 6888

Nessus ID: 70351

Risk Information

Risk Factor: High

CVSSv2

Base Score: 8.3

Temporal Score: 6.5

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:C

Temporal Vector: CVSS2#E:POC/RL:OF/RC:C

CVSSv3

Base Score: 6.9

Temporal Score: 6.2

Vector: CVSS3#AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H

Temporal Vector: CVSS3#E:P/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:siemens:ruggedcom_rugged_operating_system

Patch Publication Date: 2013/10/03

Vulnerability Publication Date: 2013/10/03

Reference Information

CVE: CVE-2013-6925, CVE-2013-6926

BID: 61986, 62798, 64155

OSVDB: 98112, 98113, 98114, 100680, 100681