PT-2015-1270 · Siemens · Siemens Ruggedcom Win70Xx+3

Published

2015-02-02

·

Updated

2015-02-04

·

CVE-2015-1448

CVSS v2.0

10

High

VectorAV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Siemens Ruggedcom WIN51xx devices versions prior to SS4.4.4624.35 Siemens Ruggedcom WIN52xx devices versions prior to SS4.4.4624.35 Siemens Ruggedcom WIN70xx devices versions prior to BS4.4.4621.32 Siemens Ruggedcom WIN72xx devices versions prior to BS4.4.4621.32
Description The issue allows remote attackers to bypass authentication and perform administrative actions via unspecified vectors, potentially giving access to the device with administrator privileges. This affects the integrated management service on various Siemens Ruggedcom devices.
Recommendations For Siemens Ruggedcom WIN51xx devices versions prior to SS4.4.4624.35, update to firmware version SS4.4.4624.35 or later. For Siemens Ruggedcom WIN52xx devices versions prior to SS4.4.4624.35, update to firmware version SS4.4.4624.35 or later. For Siemens Ruggedcom WIN70xx devices versions prior to BS4.4.4621.32, update to firmware version BS4.4.4621.32 or later. For Siemens Ruggedcom WIN72xx devices versions prior to BS4.4.4621.32, update to firmware version BS4.4.4621.32 or later.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-264

Related Identifiers

BDU:2015-10294
BDU:2015-10295
BDU:2015-10296
BDU:2015-10297
CVE-2015-1448

Affected Products

Siemens Ruggedcom Win51Xx
Siemens Ruggedcom Win52Xx
Siemens Ruggedcom Win70Xx
Siemens Ruggedcom Win72Xx