CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2012-4698

Siemens RuggedCom Rugged Operating System (ROS) before 3.12, ROX I OS through 1.14.5, ROX II OS through 2.3.0, and RuggedMax OS through 4.2.1.4621.22 use hardcoded private keys for SSL and SSH communication, which makes it easier for man-in-the-middle attackers to spoof servers and decrypt network traffic by leveraging the availability of these keys within ROS files at all customer installations.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 64.3%

CVSS Severity

CVSS v2 Score 4.3

References

http://ics-cert.us-cert.gov/advisories/ICSA-12-354-01A
http://www.ruggedcom.com/productbulletin/ros-security-page/
http://www.us-cert.gov/control_systems/pdf/ICSA-12-354-01.pdf
https://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-622607.pdf
http://ics-cert.us-cert.gov/advisories/ICSA-12-354-01A
http://www.ruggedcom.com/productbulletin/ros-security-page/
http://www.us-cert.gov/control_systems/pdf/ICSA-12-354-01.pdf
https://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-622607.pdf

Products affected by CVE-2012-4698

Siemens » Ros » Version: Any

cpe:2.3:o:siemens:ros:*
Siemens » Rox I Os » Version: Any

cpe:2.3:o:siemens:rox_i_os:*
Siemens » Rox Ii Os » Version: Any

cpe:2.3:o:siemens:rox_ii_os:*
Siemens » Ruggedmax Os » Version: Any

cpe:2.3:o:siemens:ruggedmax_os:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2012-4698

Products

Pricing

Contact Us