Siemens has patched a denial-of-service vulnerability that affected many versions of its Rugged Operating System, software that runs on some of the company’s RuggedCom switches and serial-to-ethernet devices.
The vulnerability could enable a remote attacker to cause the Rugged OS software to crash by sendin specially crafted packets to the Web interface of a vulnerable device. The flaw was reported to Siemens through ICS-CERT and was discovered by researcher Aivar Liimets from Martem Telecontrol Systems. Siemens released updated firmware versions for the affected products to fix the vulnerability.
“The implementation of the web server (Port 80/TCP) in the affected devices might allow attackers to perform a DoS attack against the device’s management web interface by sending specially crafted packets over the network without prior authentication. The switching functionality is not affected, only the web interface. A manual cold restart of the device is necessary to regain access to the web management interface,” the ICS-CERT advisory says.
“The affected products, RuggedCom switches and serial-to-Ethernet devices, are used to connect devices that operate in harsh environments such as electric utility substations and traffic control cabinets. According to Siemens, RuggedCom ROS-based products are deployed across several sectors including Energy, Healthcare and Public Health, and Transportation Systems.”
The affected products from Siemens include:
- All ROS versions prior to v3.11,
- ROS v3.11 (for product RS950G): all versions prior to ROS v3.11.5,
- ROS v3.12: all versions prior to ROS v3.12.4, and
- ROS v4.0 (for product RSG2488): all versions prior to ROS v4.1.0.
The ICS-CERT advisory says that there is no known public exploit for the vulnerability right now, but customers running a vulnerable version of the firmware should update as soon as i practical.