Stephen Craven

#13347 of 53,633
19.9 Total CVSS
Vulnerabilities · 3
Medium · 2
High · 1
PT-2024-5179
8.8
2024-07-09
Siemens · Ruggedcom Rmc30 · CVE-2024-39675
Name of the Vulnerable Software and Affected Versions:
RUGGEDCOM RMC30 versions prior to V4.3.10
RUGGEDCOM RMC30NC versions prior to V4.3.10
RUGGEDCOM RP110 versions prior to V4.3.10
RUGGEDCOM RP110NC versions prior to V4.3.10
RUGGEDCOM RS400 versions prior to V4.3.10
RUGGEDCOM RS400NC versions prior to V4.3.10
RUGGEDCOM RS401 versions prior to V4.3.10
RUGGEDCOM RS401NC versions prior to V4.3.10
RUGGEDCOM RS416 versions prior to V4.3.10
RUGGEDCOM RS416NC versions prior to V4.3.10
RUGGEDCOM RS416NCv2 V4.X versions prior to V4.3.10
RUGGEDCOM RS416NCv2 V5.X versions prior to V5.9.0
RUGGEDCOM RS416P versions prior to V4.3.10
RUGGEDCOM RS416PNC versions prior to V4.3.10
RUGGEDCOM RS416PNCv2 V4.X versions prior to V4.3.10
RUGGEDCOM RS416PNCv2 V5.X versions prior to V5.9.0
RUGGEDCOM RS416Pv2 V4.X versions prior to V4.3.10
RUGGEDCOM RS416Pv2 V5.X versions prior to V5.9.0
RUGGEDCOM RS416v2 V4.X versions prior to V4.3.10
RUGGEDCOM RS416v2 V5.X versions prior to V5.9.0
RUGGEDCOM RS910 versions prior to V4.3.10
RUGGEDCOM RS910L all versions
RUGGEDCOM RS910LNC all versions
RUGGEDCOM RS910NC versions prior to V4.3.10
RUGGEDCOM RS910W versions prior to V4.3.10
RUGGEDCOM RS920L all versions
RUGGEDCOM RS920LNC all versions
RUGGEDCOM RS920W all versions

Description:
The issue is related to the disclosure of system data to unauthorized areas. In some configurations, the affected products wrongly enable the Modbus service in non-managed VLANs, which can be exploited by an attacker to reveal protected information. This issue affects only serial devices.

Recommendations:
For RUGGEDCOM RMC30 versions prior to V4.3.10, update to version V4.3.10 or later.
For RUGGEDCOM RMC30NC versions prior to V4.3.10, update to version V4.3.10 or later.
For RUGGEDCOM RP110 versions prior to V4.3.10, update to version V4.3.10 or later.
For RUGGEDCOM RP110NC versions prior to V4.3.10, update to version V4.3.10 or later.
For RUGGEDCOM RS400 versions prior to V4.3.10, update to version V4.3.10 or later.
For RUGGEDCOM RS400NC versions prior to V4.3.10, update to version V4.3.10 or later.
For RUGGEDCOM RS401 versions prior to V4.3.10, update to version V4.3.10 or later.
For RUGGEDCOM RS401NC versions prior to V4.3.10, update to version V4.3.10 or later.
For RUGGEDCOM RS416 versions prior to V4.3.10, update to version V4.3.10 or later.
For RUGGEDCOM RS416NC versions prior to V4.3.10, update to version V4.3.10 or later.
For RUGGEDCOM RS416NCv2 V4.X versions prior to V4.3.10, update to version V4.3.10 or later.
For RUGGEDCOM RS416NCv2 V5.X versions prior to V5.9.0, update to version V5.9.0 or later.
For RUGGEDCOM RS416P versions prior to V4.3.10, update to version V4.3.10 or later.
For RUGGEDCOM RS416PNC versions prior to V4.3.10, update to version V4.3.10 or later.
For RUGGEDCOM RS416PNCv2 V4.X versions prior to V4.3.10, update to version V4.3.10 or later.
For RUGGEDCOM RS416PNCv2 V5.X versions prior to V5.9.0, update to version V5.9.0 or later.
For RUGGEDCOM RS416Pv2 V4.X versions prior to V4.3.10, update to version V4.3.10 or later.
For RUGGEDCOM RS416Pv2 V5.X versions prior to V5.9.0, update to version V5.9.0 or later.
For RUGGEDCOM RS416v2 V4.X versions prior to V4.3.10, update to version V4.3.10 or later.
For RUGGEDCOM RS416v2 V5.X versions prior to V5.9.0, update to version V5.9.0 or later.
For RUGGEDCOM RS910 versions prior to V4.3.10, update to version V4.3.10 or later.
For RUGGEDCOM RS910L, consider disabling the Modbus service in non-managed VLANs as a temporary workaround.
For RUGGEDCOM RS910LNC, consider disabling the Modbus service in non-managed VLANs as a temporary workaround.
For RUGGEDCOM RS910NC versions prior to V4.3.10, update to version V4.3.10 or later.
For RUGGEDCOM RS910W versions prior to V4.3.10, update to version V4.3.10 or later.
For RUGGEDCOM RS920L, consider disabling the Modbus service in non-managed VLANs as a temporary workaround.
For RUGGEDCOM RS920LNC, consider disabling the Modbus service in non-managed VLANs as a temporary workaround.
For RUGGEDCOM RS920W, consider disabling the Modbus service in non-managed VLANs as a temporary workaround.

PT-2024-4864
6.8
2024-06-12
Siemens · Ruggedcom Rs900 · CVE-2024-38278
Name of the Vulnerable Software and Affected Versions:
RUGGEDCOM RMC8388 versions prior to V5.9.0
RUGGEDCOM RMC8388NC versions prior to V5.9.0
RUGGEDCOM RS416NCv2 versions prior to V5.9.0
RUGGEDCOM RS416PNCv2 versions prior to V5.9.0
RUGGEDCOM RS416Pv2 versions prior to V5.9.0
RUGGEDCOM RS416v2 versions prior to V5.9.0
RUGGEDCOM RS900 (32M) versions prior to V5.9.0
RUGGEDCOM RS900G (32M) versions prior to V5.9.0
RUGGEDCOM RS900GNC(32M) versions prior to V5.9.0
RUGGEDCOM RS900NC(32M) versions prior to V5.9.0
RUGGEDCOM RSG2100 (32M) versions prior to V5.9.0
RUGGEDCOM RSG2100NC(32M) versions prior to V5.9.0
RUGGEDCOM RSG2288 versions prior to V5.9.0
RUGGEDCOM RSG2288NC versions prior to V5.9.0
RUGGEDCOM RSG2300 versions prior to V5.9.0
RUGGEDCOM RSG2300NC versions prior to V5.9.0
RUGGEDCOM RSG2300P versions prior to V5.9.0
RUGGEDCOM RSG2300PNC versions prior to V5.9.0
RUGGEDCOM RSG2488 versions prior to V5.9.0
RUGGEDCOM RSG2488NC versions prior to V5.9.0
RUGGEDCOM RSG907R versions prior to V5.9.0
RUGGEDCOM RSG908C versions prior to V5.9.0
RUGGEDCOM RSG909R versions prior to V5.9.0
RUGGEDCOM RSG910C versions prior to V5.9.0
RUGGEDCOM RSG920P versions prior to V5.9.0
RUGGEDCOM RSG920PNC versions prior to V5.9.0
RUGGEDCOM RSL910 versions prior to V5.9.0
RUGGEDCOM RSL910NC versions prior to V5.9.0
RUGGEDCOM RST2228 versions prior to V5.9.0
RUGGEDCOM RST2228P versions prior to V5.9.0
RUGGEDCOM RST916C versions prior to V5.9.0
RUGGEDCOM RST916P versions prior to V5.9.0

Description:
The affected products with IP forwarding enabled wrongly make available certain remote services in non-managed VLANs, even if these services are not intentionally activated. An attacker could leverage this issue to create a remote shell to the affected system. The vulnerability is related to insufficient access control in the IP forwarding function of the RUGGEDCOM Ethernet switch firmware. Exploitation of the vulnerability may allow a remote attacker to gain unauthorized access to protected information.

Recommendations:
For all versions prior to V5.9.0, update to version V5.9.0 or later to resolve the issue.
As a temporary workaround, consider disabling IP forwarding until a patch is available.
Restrict access to remote services in non-managed VLANs to minimize the risk of exploitation.
Avoid using the affected products with IP forwarding enabled in sensitive environments until the issue is resolved.
At the moment, there is no other information about additional mitigation measures.