CVE-2012-1803 - RuggedCom Rugged Operating System (ROS) 3.10.x and earlier has a factory account with a password der

CVE-2012-1803

Summary

RuggedCom Rugged Operating System (ROS) 3.10.x and earlier has a factory account with a password derived from the MAC Address field in the banner, which makes it easier for remote attackers to obtain access by performing a calculation on this address value, and then establishing a (1) TELNET, (2) remote shell (aka rsh), or (3) serial-console session.

References

Vulnerable Configurations

cpe:2.3:o:siemens:ruggedcom_rugged_operating_system:3.2.5:*:*:*:*:*:*:*
cpe:2.3:o:siemens:ruggedcom_rugged_operating_system:3.2.5:*:*:*:*:*:*:*
cpe:2.3:o:siemens:ruggedcom_rugged_operating_system:3.3.6:*:*:*:*:*:*:*
cpe:2.3:o:siemens:ruggedcom_rugged_operating_system:3.3.6:*:*:*:*:*:*:*
cpe:2.3:o:siemens:ruggedcom_rugged_operating_system:3.4.9:*:*:*:*:*:*:*
cpe:2.3:o:siemens:ruggedcom_rugged_operating_system:3.4.9:*:*:*:*:*:*:*
cpe:2.3:o:siemens:ruggedcom_rugged_operating_system:3.5.4:*:*:*:*:*:*:*
cpe:2.3:o:siemens:ruggedcom_rugged_operating_system:3.5.4:*:*:*:*:*:*:*
cpe:2.3:o:siemens:ruggedcom_rugged_operating_system:3.6.6:*:*:*:*:*:*:*
cpe:2.3:o:siemens:ruggedcom_rugged_operating_system:3.6.6:*:*:*:*:*:*:*
cpe:2.3:o:siemens:ruggedcom_rugged_operating_system:3.7.9:*:*:*:*:*:*:*
cpe:2.3:o:siemens:ruggedcom_rugged_operating_system:3.7.9:*:*:*:*:*:*:*
cpe:2.3:o:siemens:ruggedcom_rugged_operating_system:3.8.5:*:*:*:*:*:*:*
cpe:2.3:o:siemens:ruggedcom_rugged_operating_system:3.8.5:*:*:*:*:*:*:*
cpe:2.3:o:siemens:ruggedcom_rugged_operating_system:3.9.3:*:*:*:*:*:*:*
cpe:2.3:o:siemens:ruggedcom_rugged_operating_system:3.9.3:*:*:*:*:*:*:*
cpe:2.3:o:siemens:ruggedcom_rugged_operating_system:3.10.1:*:*:*:*:*:*:*
cpe:2.3:o:siemens:ruggedcom_rugged_operating_system:3.10.1:*:*:*:*:*:*:*

CVSS

Base:	8.5 (as of 01-02-2022 - 16:53)
Impact:
Exploitability:

CWE

CWE-310

CAPEC

Signature Spoofing by Key Recreation
An attacker obtains an authoritative or reputable signer's private signature key by exploiting a cryptographic weakness in the signature algorithm or pseudorandom number generation and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	SINGLE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:N/AC:M/Au:S/C:C/I:C/A:C

refmap via4

bid	53215
bugtraq	20120423 RuggedCom - Backdoor Accounts in my SCADA network? You don't say...
cert-vn	VU#889195
confirm	http://www.kb.cert.org/vuls/id/MAPG-8RCPEN http://www.ruggedcom.com/productbulletin/ros-security-page/
exploit-db	18779
fulldisc	20120423 RuggedCom - Backdoor Accounts in my SCADA network? You don't say...
misc	http://arstechnica.com/business/news/2012/04/backdoor-in-mission-critical-hardware-threatens-power-traffic-control-systems.ars http://ics-cert.us-cert.gov/advisories/ICSA-12-146-01A http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-12-116-01A.pdf http://www.wired.com/threatlevel/2012/04/ruggedcom-backdoor/
xf	ruggedcom-operating-system-backdoor(75120)

Last major update

01-02-2022 - 16:53

Published

28-04-2012 - 00:55

Last modified

01-02-2022 - 16:53