cvelistv5 - cve-2012-4698

CVE-2012-4698 (GCVE-0-2012-4698)

Vulnerability from cvelistv5 – Published: 2012-12-23 21:00 – Updated: 2024-08-06 20:42

Summary

Severity ?

No CVSS data available.

CWE

Assigner

icscert

References

URL

VAR-201212-0036

Vulnerability from variot - Updated: 2023-12-18 14:02

Siemens RuggedCom Rugged Operating System (ROS) before 3.12, ROX I OS through 1.14.5, ROX II OS through 2.3.0, and RuggedMax OS through 4.2.1.4621.22 use hardcoded private keys for SSL and SSH communication, which makes it easier for man-in-the-middle attackers to spoof servers and decrypt network traffic by leveraging the availability of these keys within ROS files at all customer installations. plural Siemens Since the product uses a hard-coded private key, there are vulnerabilities that allow the server to be impersonated and network traffic to be decrypted.Man-in-the-middle attacks (man-in-the-middle attack) Is installed in the user's environment ROS By using the private key in the file, the server can be spoofed and network traffic can be decrypted. According to the report, SSL keys can be extracted from ROS binary files using publicly available software. RuggedCom Inc is the world's leading manufacturer of high-performance network and communications equipment for industrial environments. The Rugged operating system has a hard-coded RSA private key for SSL / TLS communication. The POC code for this vulnerability has been released by Justin W. Clarke of Cylance Inc. According to a report, this vulnerability can be used for SSL between end users and RuggedCom network devices The communication is decrypted. Rugged Operating System is prone to an information-disclosure vulnerability. There is a vulnerability in Siemens RuggedCom Rugged Operating System (ROS) before 3.12, ROX I OS before 1.14.5, ROX II OS before 2.3.0, and RuggedMax OS before 4.2.1.4621.22

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201212-0036",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "ruggedmax os",
        "scope": "lte",
        "trust": 1.8,
        "vendor": "siemens",
        "version": "4.2.1.4621.22"
      },
      {
        "model": "rox i os",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "1.14.5"
      },
      {
        "model": "rox ii os",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "2.3.0"
      },
      {
        "model": "ros",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "siemens",
        "version": "3.11.0"
      },
      {
        "model": "ruggedcom rugged operating system",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "3.11"
      },
      {
        "model": "ruggedcom rugged operating system on linux i",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "1.14.5"
      },
      {
        "model": "ruggedcom rugged operating system on linux ii",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "siemens",
        "version": "2.3.0"
      },
      {
        "model": "ruggedcom rugged operating system",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "3.12"
      },
      {
        "model": "rox i os",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "1.14.5"
      },
      {
        "model": "rox ii os",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "2.3.0"
      },
      {
        "model": "ruggedmax os",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "4.2.1.4621.22"
      },
      {
        "model": "rugged operating system",
        "scope": null,
        "trust": 0.6,
        "vendor": "ruggedcom",
        "version": null
      },
      {
        "model": "ruggedmax os",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "4.2.1.4621.22"
      },
      {
        "model": "rox ii os",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "2.3.0"
      },
      {
        "model": "rox i os",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "1.14.5"
      },
      {
        "model": "ros",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "siemens",
        "version": "3.11.0"
      },
      {
        "model": "rugged operating system",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ruggedcom",
        "version": "3.10.1"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2012-9303"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-4389"
      },
      {
        "db": "BID",
        "id": "55123"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-005789"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-4698"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201212-325"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:siemens:ros:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "3.11.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:siemens:rox_i_os:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "1.14.5",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:siemens:rox_ii_os:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "2.3.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:siemens:ruggedmax_os:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "4.2.1.4621.22",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2012-4698"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Justin W. Clarke",
    "sources": [
      {
        "db": "BID",
        "id": "55123"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201208-385"
      }
    ],
    "trust": 0.9
  },
  "cve": "CVE-2012-4698",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Medium",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "None",
            "baseScore": 4.3,
            "confidentialityImpact": "Partial",
            "exploitabilityScore": null,
            "id": "CVE-2012-4698",
            "impactScore": null,
            "integrityImpact": "None",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 8.6,
            "id": "VHN-57979",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:N/C:P/I:N/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2012-4698",
            "trust": 1.8,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201212-325",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-57979",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-57979"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-005789"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-4698"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201212-325"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Siemens RuggedCom Rugged Operating System (ROS) before 3.12, ROX I OS through 1.14.5, ROX II OS through 2.3.0, and RuggedMax OS through 4.2.1.4621.22 use hardcoded private keys for SSL and SSH communication, which makes it easier for man-in-the-middle attackers to spoof servers and decrypt network traffic by leveraging the availability of these keys within ROS files at all customer installations. plural Siemens Since the product uses a hard-coded private key, there are vulnerabilities that allow the server to be impersonated and network traffic to be decrypted.Man-in-the-middle attacks (man-in-the-middle attack) Is installed in the user\u0027s environment ROS By using the private key in the file, the server can be spoofed and network traffic can be decrypted. According to the report, SSL keys can be extracted from ROS binary files using publicly available software. RuggedCom Inc is the world\u0027s leading manufacturer of high-performance network and communications equipment for industrial environments. The Rugged operating system has a hard-coded RSA private key for SSL / TLS communication. The POC code for this vulnerability has been released by Justin W. Clarke of Cylance Inc. According to a report, this vulnerability can be used for SSL between end users and RuggedCom network devices The communication is decrypted. Rugged Operating System is prone to an information-disclosure vulnerability. There is a vulnerability in Siemens RuggedCom Rugged Operating System (ROS) before 3.12, ROX I OS before 1.14.5, ROX II OS before 2.3.0, and RuggedMax OS before 4.2.1.4621.22",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2012-4698"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-005789"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-9303"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-4389"
      },
      {
        "db": "BID",
        "id": "55123"
      },
      {
        "db": "VULHUB",
        "id": "VHN-57979"
      }
    ],
    "trust": 3.06
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2012-4698",
        "trust": 3.4
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-12-354-01",
        "trust": 3.1
      },
      {
        "db": "SIEMENS",
        "id": "SSA-622607",
        "trust": 1.7
      },
      {
        "db": "BID",
        "id": "55123",
        "trust": 1.6
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-12-354-01A",
        "trust": 1.1
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-005789",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201212-325",
        "trust": 0.7
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-9303",
        "trust": 0.6
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-4389",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201208-385",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-57979",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2012-9303"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-4389"
      },
      {
        "db": "VULHUB",
        "id": "VHN-57979"
      },
      {
        "db": "BID",
        "id": "55123"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-005789"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-4698"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201208-385"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201212-325"
      }
    ]
  },
  "id": "VAR-201212-0036",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2012-9303"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-4389"
      },
      {
        "db": "VULHUB",
        "id": "VHN-57979"
      }
    ],
    "trust": 1.9416781916666666
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 1.2
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2012-9303"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-4389"
      }
    ]
  },
  "last_update_date": "2023-12-18T14:02:06.591000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "RuggedCom Security Updates",
        "trust": 0.8,
        "url": "http://www.ruggedcom.com/productbulletin/ros-security-page/"
      },
      {
        "title": "Top Page",
        "trust": 0.8,
        "url": "http://www.siemens.com/entry/cc/en/"
      },
      {
        "title": "SSA-622607: RuggedCom Private Key Vulnerabilities for HTTPS/SSL and SSH",
        "trust": 0.8,
        "url": "https://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-622607.pdf"
      },
      {
        "title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30bd\u30ea\u30e5\u30fc\u30b7\u30e7\u30f3\u30d1\u30fc\u30c8\u30ca\u30fc",
        "trust": 0.8,
        "url": "http://www.automation.siemens.com/automation/jp/ja/solutionpartner/pages/default.aspx"
      },
      {
        "title": "\u30b7\u30fc\u30e1\u30f3\u30b9\u30fb\u30b8\u30e3\u30d1\u30f3\u682a\u5f0f\u4f1a\u793e",
        "trust": 0.8,
        "url": "http://www.siemens.com/answers/jp/ja/"
      },
      {
        "title": "Patch for Rugged Operating System Hardcoded Private Key Vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchinfo/show/26800"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2012-9303"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-005789"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-200",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-57979"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-005789"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-4698"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 3.1,
        "url": "http://www.us-cert.gov/control_systems/pdf/icsa-12-354-01.pdf"
      },
      {
        "trust": 1.7,
        "url": "http://www.ruggedcom.com/productbulletin/ros-security-page/"
      },
      {
        "trust": 1.7,
        "url": "https://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-622607.pdf"
      },
      {
        "trust": 1.1,
        "url": "http://ics-cert.us-cert.gov/advisories/icsa-12-354-01a"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-4698"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-4698"
      },
      {
        "trust": 0.6,
        "url": "http://isc.sans.edu/diary.html?storyid=13948http"
      },
      {
        "trust": 0.6,
        "url": "http://www.securityfocus.com/bid/55123"
      },
      {
        "trust": 0.3,
        "url": "http://www.ruggedcom.com/"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2012-9303"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-4389"
      },
      {
        "db": "VULHUB",
        "id": "VHN-57979"
      },
      {
        "db": "BID",
        "id": "55123"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-005789"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-4698"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201208-385"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201212-325"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2012-9303"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-4389"
      },
      {
        "db": "VULHUB",
        "id": "VHN-57979"
      },
      {
        "db": "BID",
        "id": "55123"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-005789"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-4698"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201208-385"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201212-325"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2012-12-25T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2012-9303"
      },
      {
        "date": "2012-08-23T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2012-4389"
      },
      {
        "date": "2012-12-23T00:00:00",
        "db": "VULHUB",
        "id": "VHN-57979"
      },
      {
        "date": "2012-08-21T00:00:00",
        "db": "BID",
        "id": "55123"
      },
      {
        "date": "2012-12-25T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2012-005789"
      },
      {
        "date": "2012-12-23T21:55:01.437000",
        "db": "NVD",
        "id": "CVE-2012-4698"
      },
      {
        "date": "2012-08-23T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201208-385"
      },
      {
        "date": "2012-12-24T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201212-325"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2012-12-25T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2012-9303"
      },
      {
        "date": "2012-08-23T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2012-4389"
      },
      {
        "date": "2013-05-21T00:00:00",
        "db": "VULHUB",
        "id": "VHN-57979"
      },
      {
        "date": "2013-04-29T20:51:00",
        "db": "BID",
        "id": "55123"
      },
      {
        "date": "2012-12-25T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2012-005789"
      },
      {
        "date": "2013-05-21T03:20:36.340000",
        "db": "NVD",
        "id": "CVE-2012-4698"
      },
      {
        "date": "2012-08-23T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201208-385"
      },
      {
        "date": "2012-12-25T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201212-325"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201208-385"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201212-325"
      }
    ],
    "trust": 1.2
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Rugged operating system private key disclosure vulnerability",
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2012-4389"
      },
      {
        "db": "BID",
        "id": "55123"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201208-385"
      }
    ],
    "trust": 1.5
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "information disclosure",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201208-385"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201212-325"
      }
    ],
    "trust": 1.2
  }
}

GHSA-GXFJ-PHF9-56VW

Vulnerability from github – Published: 2022-05-17 05:09 – Updated: 2025-04-11 04:05

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2012-4698"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-200"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2012-12-23T21:55:00Z",
    "severity": "MODERATE"
  },
  "details": "Siemens RuggedCom Rugged Operating System (ROS) before 3.12, ROX I OS through 1.14.5, ROX II OS through 2.3.0, and RuggedMax OS through 4.2.1.4621.22 use hardcoded private keys for SSL and SSH communication, which makes it easier for man-in-the-middle attackers to spoof servers and decrypt network traffic by leveraging the availability of these keys within ROS files at all customer installations.",
  "id": "GHSA-gxfj-phf9-56vw",
  "modified": "2025-04-11T04:05:46Z",
  "published": "2022-05-17T05:09:37Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-4698"
    },
    {
      "type": "WEB",
      "url": "https://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-622607.pdf"
    },
    {
      "type": "WEB",
      "url": "http://ics-cert.us-cert.gov/advisories/ICSA-12-354-01A"
    },
    {
      "type": "WEB",
      "url": "http://www.ruggedcom.com/productbulletin/ros-security-page"
    },
    {
      "type": "WEB",
      "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-354-01.pdf"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GSD-2012-4698

Vulnerability from gsd - Updated: 2023-12-13 01:20

Details

Aliases

CVE-2012-4698

Aliases

CVE-2012-4698

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2012-4698",
    "description": "Siemens RuggedCom Rugged Operating System (ROS) before 3.12, ROX I OS through 1.14.5, ROX II OS through 2.3.0, and RuggedMax OS through 4.2.1.4621.22 use hardcoded private keys for SSL and SSH communication, which makes it easier for man-in-the-middle attackers to spoof servers and decrypt network traffic by leveraging the availability of these keys within ROS files at all customer installations.",
    "id": "GSD-2012-4698"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2012-4698"
      ],
      "details": "Siemens RuggedCom Rugged Operating System (ROS) before 3.12, ROX I OS through 1.14.5, ROX II OS through 2.3.0, and RuggedMax OS through 4.2.1.4621.22 use hardcoded private keys for SSL and SSH communication, which makes it easier for man-in-the-middle attackers to spoof servers and decrypt network traffic by leveraging the availability of these keys within ROS files at all customer installations.",
      "id": "GSD-2012-4698",
      "modified": "2023-12-13T01:20:15.435195Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "ics-cert@hq.dhs.gov",
        "ID": "CVE-2012-4698",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Siemens RuggedCom Rugged Operating System (ROS) before 3.12, ROX I OS through 1.14.5, ROX II OS through 2.3.0, and RuggedMax OS through 4.2.1.4621.22 use hardcoded private keys for SSL and SSH communication, which makes it easier for man-in-the-middle attackers to spoof servers and decrypt network traffic by leveraging the availability of these keys within ROS files at all customer installations."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-354-01.pdf",
            "refsource": "MISC",
            "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-354-01.pdf"
          },
          {
            "name": "http://www.ruggedcom.com/productbulletin/ros-security-page/",
            "refsource": "CONFIRM",
            "url": "http://www.ruggedcom.com/productbulletin/ros-security-page/"
          },
          {
            "name": "http://ics-cert.us-cert.gov/advisories/ICSA-12-354-01A",
            "refsource": "MISC",
            "url": "http://ics-cert.us-cert.gov/advisories/ICSA-12-354-01A"
          },
          {
            "name": "https://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-622607.pdf",
            "refsource": "CONFIRM",
            "url": "https://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-622607.pdf"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:siemens:ros:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "3.11.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:siemens:rox_i_os:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "1.14.5",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:siemens:rox_ii_os:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "2.3.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:siemens:ruggedmax_os:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "4.2.1.4621.22",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "ics-cert@hq.dhs.gov",
          "ID": "CVE-2012-4698"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Siemens RuggedCom Rugged Operating System (ROS) before 3.12, ROX I OS through 1.14.5, ROX II OS through 2.3.0, and RuggedMax OS through 4.2.1.4621.22 use hardcoded private keys for SSL and SSH communication, which makes it easier for man-in-the-middle attackers to spoof servers and decrypt network traffic by leveraging the availability of these keys within ROS files at all customer installations."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-200"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-622607.pdf",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-622607.pdf"
            },
            {
              "name": "http://www.ruggedcom.com/productbulletin/ros-security-page/",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.ruggedcom.com/productbulletin/ros-security-page/"
            },
            {
              "name": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-354-01.pdf",
              "refsource": "MISC",
              "tags": [
                "US Government Resource"
              ],
              "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-354-01.pdf"
            },
            {
              "name": "http://ics-cert.us-cert.gov/advisories/ICSA-12-354-01A",
              "refsource": "MISC",
              "tags": [],
              "url": "http://ics-cert.us-cert.gov/advisories/ICSA-12-354-01A"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2013-05-21T03:20Z",
      "publishedDate": "2012-12-23T21:55Z"
    }
  }
}

FKIE_CVE-2012-4698

Vulnerability from fkie_nvd - Published: 2012-12-23 21:55 - Updated: 2025-04-11 00:51

Severity ?

Summary

References

URL	Tags
ics-cert@hq.dhs.gov	http://ics-cert.us-cert.gov/advisories/ICSA-12-354-01A
ics-cert@hq.dhs.gov	http://www.ruggedcom.com/productbulletin/ros-security-page/	Vendor Advisory
ics-cert@hq.dhs.gov	http://www.us-cert.gov/control_systems/pdf/ICSA-12-354-01.pdf	US Government Resource
ics-cert@hq.dhs.gov	https://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-622607.pdf	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://ics-cert.us-cert.gov/advisories/ICSA-12-354-01A
af854a3a-2127-422b-91ae-364da2661108	http://www.ruggedcom.com/productbulletin/ros-security-page/	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.us-cert.gov/control_systems/pdf/ICSA-12-354-01.pdf	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	https://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-622607.pdf	Vendor Advisory

Impacted products

Vendor	Product	Version
siemens	ros	*
siemens	rox_i_os	*
siemens	rox_ii_os	*
siemens	ruggedmax_os	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:ros:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "44D6C891-CAB1-498D-B68E-84EF210EB39D",
              "versionEndIncluding": "3.11.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:rox_i_os:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AEFF857C-7B35-4E33-AC5A-FE8DDEEC13A4",
              "versionEndIncluding": "1.14.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:rox_ii_os:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7537182F-7500-4FBF-87AB-5617D660676F",
              "versionEndIncluding": "2.3.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:ruggedmax_os:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9001274A-0A68-4D69-ACEE-A7EDEC408AA8",
              "versionEndIncluding": "4.2.1.4621.22",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Siemens RuggedCom Rugged Operating System (ROS) before 3.12, ROX I OS through 1.14.5, ROX II OS through 2.3.0, and RuggedMax OS through 4.2.1.4621.22 use hardcoded private keys for SSL and SSH communication, which makes it easier for man-in-the-middle attackers to spoof servers and decrypt network traffic by leveraging the availability of these keys within ROS files at all customer installations."
    },
    {
      "lang": "es",
      "value": "Siemens Ruggedcom Rugged Operating System (ROS) antes de v3.12, ROX I OS hasta v1.14.5, ROX II OS hasta v2.3.0 y RuggedMax OS hasta v4.2.1.4621.22 usa claves privadas para comunicaciones SSL y SSH escritas en c\u00f3digo, lo que hace que sea m\u00e1s f\u00e1cil para atacantes man-in-the-middle el crear servidores falsos y descifrar el tr\u00e1fico de red aprovech\u00e1ndose de la disponibilidad de estas claves dentro de los archivos de ROS en todas las instalaciones de los clientes.\r\n"
    }
  ],
  "id": "CVE-2012-4698",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2012-12-23T21:55:01.437",
  "references": [
    {
      "source": "ics-cert@hq.dhs.gov",
      "url": "http://ics-cert.us-cert.gov/advisories/ICSA-12-354-01A"
    },
    {
      "source": "ics-cert@hq.dhs.gov",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ruggedcom.com/productbulletin/ros-security-page/"
    },
    {
      "source": "ics-cert@hq.dhs.gov",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-354-01.pdf"
    },
    {
      "source": "ics-cert@hq.dhs.gov",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-622607.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://ics-cert.us-cert.gov/advisories/ICSA-12-354-01A"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ruggedcom.com/productbulletin/ros-security-page/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/control_systems/pdf/ICSA-12-354-01.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.siemens.com/corporate-technology/pool/de/forschungsfelder/siemens_security_advisory_ssa-622607.pdf"
    }
  ],
  "sourceIdentifier": "ics-cert@hq.dhs.gov",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

ICSA-12-354-01A

Vulnerability from csaf_cisa - Published: 2012-09-22 06:00 - Updated: 2025-06-18 19:25

Summary

Ruggedcom ROS Hard-Coded RSA SSL Private Key

Notes

Legal Notice

All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.

CISA Disclaimer

This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov

Recommended Practices

CISA recommends users take defensive measures to minimize the risk of exploitation.

Recommended Practices

Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the internet.

Recommended Practices

Locate control system networks and remote devices behind firewalls and isolating them from business networks.

Recommended Practices

When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs). Recognize VPNs may have vulnerabilities, should be updated to the most recent version available, and are only as secure as the connected devices.

Recommended Practices

CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.

Recommended Practices

CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.

Recommended Practices

CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.

Recommended Practices

Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.

Recommended Practices

Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.

Recommended Practices

CISA also recommends users take the following measures to protect themselves from social engineering attacks: Do not click web links or open attachments in unsolicited email messages. Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams. Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.

JSON

To clipboard

{
  "document": {
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited",
      "tlp": {
        "label": "WHITE",
        "url": "https://us-cert.cisa.gov/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
        "title": "Legal Notice"
      },
      {
        "category": "general",
        "text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
        "title": "CISA Disclaimer"
      },
      {
        "category": "general",
        "text": "CISA recommends users take defensive measures to minimize the risk of exploitation.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the internet.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Locate control system networks and remote devices behind firewalls and isolating them from business networks.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs). Recognize VPNs may have vulnerabilities, should be updated to the most recent version available, and are only as secure as the connected devices.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA also recommends users take the following measures to protect themselves from social engineering attacks: Do not click web links or open attachments in unsolicited email messages. Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams. Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.",
        "title": "Recommended Practices"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "central@cisa.dhs.gov",
      "name": "CISA",
      "namespace": "https://www.cisa.gov/"
    },
    "references": [
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-12-354-01A JSON",
        "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2012/icsa-12-354-01a.json"
      },
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-12-354-01A - Web Version",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-12-354-01a"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/topics/industrial-control-systems"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/sites/default/files/publications/emailscams0905.pdf"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/ncas/tips/ST04-014"
      }
    ],
    "title": "Ruggedcom ROS Hard-Coded RSA SSL Private Key",
    "tracking": {
      "current_release_date": "2025-06-18T19:25:01.798871Z",
      "generator": {
        "date": "2025-06-18T19:25:01.798793Z",
        "engine": {
          "name": "CISA CSAF Generator",
          "version": "1.0.0"
        }
      },
      "id": "ICSA-12-354-01A",
      "initial_release_date": "2012-09-22T06:00:00.000000Z",
      "revision_history": [
        {
          "date": "2012-09-22T06:00:00.000000Z",
          "legacy_version": "Initial",
          "number": "1",
          "summary": "Initial Publication"
        },
        {
          "date": "2025-06-18T19:25:01.798871Z",
          "legacy_version": "CSAF Conversion",
          "number": "2",
          "summary": "Advisory converted into a CSAF"
        }
      ],
      "status": "final",
      "version": "2"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c=3.11",
                "product": {
                  "name": "Siemens Rugged OS: \u003c=3.11",
                  "product_id": "CSAFPID-0001"
                }
              }
            ],
            "category": "product_name",
            "name": "Rugged OS"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c=ROX_v1.14.5",
                "product": {
                  "name": "Siemens ROX I OS firmware used by RX1000 and RX1100 series products. ROX I: \u003c=ROX_v1.14.5",
                  "product_id": "CSAFPID-0002"
                }
              }
            ],
            "category": "product_name",
            "name": "ROX I OS firmware used by RX1000 and RX1100 series products. ROX I"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c=ROX_v2.3.0",
                "product": {
                  "name": "Siemens ROX II OS firmware used by RX5000 and RX1500 series products. ROX II: \u003c=ROX_v2.3.0",
                  "product_id": "CSAFPID-0003"
                }
              }
            ],
            "category": "product_name",
            "name": "ROX II OS firmware used by RX5000 and RX1500 series products. ROX II"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c=4.2.1.4621.22",
                "product": {
                  "name": "Siemens RuggedMax Operating System Firmware used by the Win7000 and Win7200 base station units and the Win5100 and Win5200 subscriber (CPE) devices: \u003c=4.2.1.4621.22",
                  "product_id": "CSAFPID-0004"
                }
              }
            ],
            "category": "product_name",
            "name": "RuggedMax Operating System Firmware used by the Win7000 and Win7200 base station units and the Win5100 and Win5200 subscriber (CPE) devices"
          }
        ],
        "category": "vendor",
        "name": "Siemens"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2012-4698",
      "cwe": {
        "id": "CWE-798",
        "name": "Use of Hard-coded Credentials"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Siemens RuggedCom Rugged Operating System (ROS) before 3.12, ROX I OS through 1.14.5, ROX II OS through 2.3.0, and RuggedMax OS through 4.2.1.4621.22 use hardcoded private keys for SSL and SSH communication, which makes it easier for man-in-the-middle attackers to spoof servers and decrypt network traffic by leveraging the availability of these keys within ROS files at all customer installations.",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003",
          "CSAFPID-0004"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "ROS Update v3.12 has been produced to mitigate these issues and can be obtained from the RuggedCom Customer Support Team. Full information can be found at this link: (http://www.ruggedcom.com/productbulletin/ros-security-page/).",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ],
          "url": "http://www.ruggedcom.com/productbulletin/ros-security-page/"
        },
        {
          "category": "mitigation",
          "details": "ROX device customers are strongly encouraged to change their SSL and SSH keys. Application notes exist that explain how to change the SSL and SSH keys. Please consult App Note AN17 for ROX1.x versions of the firmware and App Note AN16 for ROX 2.x. These application notes can be obtained from RuggedCom\u2019s Customer Support Team.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ]
        },
        {
          "category": "mitigation",
          "details": "For RuggedMax SSH service, the customer has the capability to generate new keys. Each device (subscriber or base station) can be triggered to generate a new SSH key by deleting the current key. Customers are strongly encouraged to generate new keys. A procedure on how to generate a new SSH key can be obtained from RuggedCom Customer Support Team.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ]
        },
        {
          "category": "mitigation",
          "details": "For the HTTPS access, a temporary solution exists with the current version of firmware to disable HTTPS access. For details on this procedure please contact the RuggedCom Customer Support Team.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ]
        },
        {
          "category": "mitigation",
          "details": "Siemens recommendations the following mitigation strategies when deploying RuggedCom devices:  Do not connect ROS, RuggedMax devices directly to an untrusted network such as the Internet.  Establish a VPN solution to connect to an untrusted network such as the Internet.  Check for any signs of unauthorized access to a device (e.g., by reviewing syslogs).  Use industry best practices for security such as those defined by NERC-CIP.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "baseScore": 9.3,
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003",
            "CSAFPID-0004"
          ]
        }
      ]
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2012-4698 (GCVE-0-2012-4698)

VAR-201212-0036

GHSA-GXFJ-PHF9-56VW

GSD-2012-4698

FKIE_CVE-2012-4698

ICSA-12-354-01A

Tags

Sightings

Nomenclature