Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

ICS/OT

Siemens RUGGEDCOM Devices Affected by Several Flaws

Siemens has shared recommendations for mitigating several medium and high severity vulnerabilities affecting some of the company’s RUGGEDCOM products.

Siemens has shared recommendations for mitigating several medium and high severity vulnerabilities affecting some of the company’s RUGGEDCOM products.

Four types of security holes have been identified in RUGGEDCOM appliances running any version of ROX I (Rugged Operating System on Linux). The affected products are industrially hardened security appliances with integrated router, firewall and VPN functionality. They are used worldwide at electric utility substations, traffic control cabinets and in other harsh environments.

A majority of the vulnerabilities were discovered and reported by researcher Maxim Rupp, including cross-site scripting (XSS), path traversal, privilege escalation and cross-site request forgery (CSRF) issues. One XSS flaw was also discovered by Siemens itself.

Rupp has identified roughly 20 parameters that allow hackers to launch XSS attacks and execute arbitrary JavaScript code due to improper input validation (CVE-2017-2687). The expert has also identified a path traversal vulnerability (CVE-2017-2686) that can be exploited to read arbitrary files and possibly access sensitive information.

Learn More at the 2017 Singapore ICS Cyber Security Conference

Another flaw, described as a privilege escalation (CVE-2017-2689), can be exploited to bypass access restrictions and obtain privileged file system access or change configuration settings.

The security hole exists due to several issues related to improper access control mechanisms, missing checks for unrestricted file uploads, and server misconfigurations.

Rupp has also identified a CSRF vulnerability (CVE-2017-2688) that can be exploited to perform various actions on behalf of a logged-in user who is tricked into clicking on a malicious link. The researcher said an attacker can combine the CSRF with the privilege escalation flaw to access files on the host without access to the device’s web interface.

Advertisement. Scroll to continue reading.

The vulnerabilities affect the web interface on port 10000/TCP and they either require the targeted user to click on a link, or the attacker needs to have network access and valid credentials in order to exploit them.

Advisories have been made available by ICS-CERT, Siemens and Rupp. While it hasn’t released any updates, Siemens has advised users to obtain a mitigation tool that can be used to disable the web interface and guest/operator accounts on the affected ROX I devices. The vendor also recommends limiting access to trusted admins, and using VPNs.

“As a general security measure Siemens strongly recommends to protect network access to the web interface at 10000/TCP of ROX I-based devices with appropriate mechanisms. It is advised to configure the environment according to our operational guidelines in order to run the devices in a protected IT environment,” Siemens said.

Related: Flaws Patched in Siemens RUGGEDCOM NMS Product

Related: High Severity Flaws Patched by Siemens, Schneider Electric

Related: Vulnerabilities Found in Siemens Desigo PX, SIMATIC Products

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Understand how to go beyond effectively communicating new security strategies and recommendations.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Vulnerabilities

Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...

Data Breaches

OpenAI has confirmed a ChatGPT data breach on the same day a security firm reported seeing the use of a component affected by an...

IoT Security

A group of seven security researchers have discovered numerous vulnerabilities in vehicles from 16 car makers, including bugs that allowed them to control car...

Vulnerabilities

A researcher at IOActive discovered that home security systems from SimpliSafe are plagued by a vulnerability that allows tech savvy burglars to remotely disable...

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...

Cybercrime

Patch Tuesday: Microsoft calls attention to a series of zero-day remote code execution attacks hitting its Office productivity suite.

Vulnerabilities

Patch Tuesday: Microsoft warns vulnerability (CVE-2023-23397) could lead to exploitation before an email is viewed in the Preview Pane.

Vulnerabilities

The latest Chrome update brings patches for eight vulnerabilities, including seven reported by external researchers.