PT-2015-1270 · Siemens · Siemens Ruggedcom Win70Xx+3

Publicado

2015-02-02

·

Atualizado

2015-02-04

·

CVE-2015-1448

CVSS v2.0

10

Alta

VetorAV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Siemens Ruggedcom WIN51xx devices versions prior to SS4.4.4624.35 Siemens Ruggedcom WIN52xx devices versions prior to SS4.4.4624.35 Siemens Ruggedcom WIN70xx devices versions prior to BS4.4.4621.32 Siemens Ruggedcom WIN72xx devices versions prior to BS4.4.4621.32
Description The issue allows remote attackers to bypass authentication and perform administrative actions via unspecified vectors, potentially giving access to the device with administrator privileges. This affects the integrated management service on various Siemens Ruggedcom devices.
Recommendations For Siemens Ruggedcom WIN51xx devices versions prior to SS4.4.4624.35, update to firmware version SS4.4.4624.35 or later. For Siemens Ruggedcom WIN52xx devices versions prior to SS4.4.4624.35, update to firmware version SS4.4.4624.35 or later. For Siemens Ruggedcom WIN70xx devices versions prior to BS4.4.4621.32, update to firmware version BS4.4.4621.32 or later. For Siemens Ruggedcom WIN72xx devices versions prior to BS4.4.4621.32, update to firmware version BS4.4.4621.32 or later.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-264

Identificadores relacionados

BDU:2015-10294
BDU:2015-10295
BDU:2015-10296
BDU:2015-10297
CVE-2015-1448

Produtos afetados

Siemens Ruggedcom Win51Xx
Siemens Ruggedcom Win52Xx
Siemens Ruggedcom Win70Xx
Siemens Ruggedcom Win72Xx