PT-2012-5557 · Siemens · ROX II OS +2

Justin W. Clarke · Published 2012-12-23 · Updated 2013-05-21 · CVE-2012-4698

CVSS v2.0: 4.3 (Medium)

Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions

Siemens RuggedCom Rugged Operating System (ROS) versions prior to 3.12
ROX I OS versions prior to 1.14.6
ROX II OS versions prior to 2.3.1
RuggedMax OS versions prior to 4.2.1.4621.23

Description

The issue allows man-in-the-middle attackers to spoof servers and decrypt network traffic by leveraging hardcoded private keys for SSL and SSH communication. These keys are available within ROS files at all customer installations.

Recommendations

For Siemens RuggedCom Rugged Operating System (ROS) versions prior to 3.12, update to version 3.12 or later.
For ROX I OS versions prior to 1.14.6, update to version 1.14.6 or later.
For ROX II OS versions prior to 2.3.1, update to version 2.3.1 or later.
For RuggedMax OS versions prior to 4.2.1.4621.23, update to version 4.2.1.4621.23 or later.
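
Because the description says the same hardcoded keys ship in every installation, affected devices present the same SSH host key fingerprint as one another. The following is an added example, not part of the advisory or any Siemens tooling: it groups hosts by fingerprint and reports keys shared by more than one host. It assumes input in `ssh-keyscan` output format, and the sample hosts and key blobs are constructed placeholders.

```python
import base64
import hashlib
from collections import defaultdict


def fingerprint(blob_b64):
    """OpenSSH-style SHA256 fingerprint of a base64 public key blob."""
    raw = base64.b64decode(blob_b64, validate=True)
    digest = hashlib.sha256(raw).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def shared_host_keys(scan_text):
    """Return {"<type> <fingerprint>": [hosts]} for keys seen on 2+ hosts."""
    hosts_by_key = defaultdict(set)
    for line in scan_text.splitlines():
        fields = line.split()
        if len(fields) < 3 or fields[0].startswith("#"):
            continue  # comment, blank or truncated line
        host, key_type, blob = fields[:3]
        try:
            fp = fingerprint(blob)
        except ValueError:
            continue  # blob is not valid base64: skip rather than mis-group
        hosts_by_key[(key_type, fp)].add(host)
    return {f"{kt} {fp}": sorted(hosts)
            for (kt, fp), hosts in hosts_by_key.items() if len(hosts) > 1}


def _sample_blob(seed):
    # Constructed placeholder bytes standing in for a key blob; not a real key.
    return base64.b64encode(b"constructed-key-" + seed).decode()


# Constructed inventory scan: three devices share one key, one is unique,
# and one line is malformed.
SAMPLE_SCAN = "\n".join([
    "# constructed ssh-keyscan style output: host, key type, base64 blob",
    "10.0.1.11 ssh-rsa " + _sample_blob(b"A"),
    "10.0.1.12 ssh-rsa " + _sample_blob(b"A"),
    "10.0.2.20 ssh-rsa " + _sample_blob(b"A"),
    "10.0.3.5 ssh-rsa " + _sample_blob(b"B"),
    "10.0.3.6 ssh-rsa not*base64",
])

if __name__ == "__main__":
    for key, hosts in shared_host_keys(SAMPLE_SCAN).items():
        print(key, "shared by", ", ".join(hosts))
```

A shared fingerprint shows that a key is not unique to the device; confirming that a device is affected still depends on its firmware version against the list above.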

Fix

Information Disclosure


Weakness Enumeration

Related Identifiers

CVE-2012-4698

Affected Products

ROX II OS
RuggedMax OS
Siemens RuggedCom Rugged Operating System