PT-2022-11531 · Siemens · Ruggedcom Rsg909R+49

Published

2022-03-08

·

Updated

2023-12-12

·

CVE-2021-42016

CVSS v3.1

7.5

High

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions RUGGEDCOM i800 RUGGEDCOM i801 RUGGEDCOM i802 RUGGEDCOM i803 RUGGEDCOM M2100 RUGGEDCOM M2100F RUGGEDCOM M2200 RUGGEDCOM M2200F RUGGEDCOM M969 RUGGEDCOM M969F RUGGEDCOM RMC30 RUGGEDCOM RMC8388 versions 4.X through 5.X RUGGEDCOM RP110 RUGGEDCOM RS1600 RUGGEDCOM RS1600F RUGGEDCOM RS1600T RUGGEDCOM RS400 RUGGEDCOM RS400F RUGGEDCOM RS401 RUGGEDCOM RS416 RUGGEDCOM RS416F RUGGEDCOM RS416P RUGGEDCOM RS416PF RUGGEDCOM RS416Pv2 versions 4.X through 5.X RUGGEDCOM RS416v2 versions 4.X through 5.X RUGGEDCOM RS8000 RUGGEDCOM RS8000A RUGGEDCOM RS8000H RUGGEDCOM RS8000T RUGGEDCOM RS900 RUGGEDCOM RS900 (32M) versions 4.X through 5.X RUGGEDCOM RS900F RUGGEDCOM RS900G RUGGEDCOM RS900G (32M) versions 4.X through 5.X RUGGEDCOM RS900GF RUGGEDCOM RS900GP RUGGEDCOM RS900GPF RUGGEDCOM RS900L RUGGEDCOM RS900M-GETS-C01 RUGGEDCOM RS900M-GETS-XX RUGGEDCOM RS900M-STND-C01 RUGGEDCOM RS900M-STND-XX RUGGEDCOM RS900W RUGGEDCOM RS910 RUGGEDCOM RS910L RUGGEDCOM RS910W RUGGEDCOM RS920L RUGGEDCOM RS920W RUGGEDCOM RS930L RUGGEDCOM RS930W RUGGEDCOM RS940G RUGGEDCOM RS940GF RUGGEDCOM RS969 RUGGEDCOM RSG2100 RUGGEDCOM RSG2100 (32M) versions 4.X through 5.X RUGGEDCOM RSG2100F RUGGEDCOM RSG2100P RUGGEDCOM RSG2100PF RUGGEDCOM RSG2200 RUGGEDCOM RSG2200F RUGGEDCOM RSG2288 versions 4.X through 5.X RUGGEDCOM RSG2300 versions 4.X through 5.X RUGGEDCOM RSG2300F RUGGEDCOM RSG2300P versions 4.X through 5.X RUGGEDCOM RSG2300PF RUGGEDCOM RSG2488 versions 4.X through 5.X RUGGEDCOM RSG2488F RUGGEDCOM RSG907R RUGGEDCOM RSG908C RUGGEDCOM RSG909R RUGGEDCOM RSG910C RUGGEDCOM RSG920P versions 4.X through 5.X RUGGEDCOM RSL910 RUGGEDCOM RST2228 RUGGEDCOM RST2228P RUGGEDCOM RST916C RUGGEDCOM RST916P
Description A timing attack in a third-party component could make the retrieval of the private key possible, used for encryption of sensitive data. If a threat actor were to exploit this, the data integrity and security could be compromised.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Side Channel Attack

Weakness Enumeration

CWE-203CWE-208

Related Identifiers

CVE-2021-42016

Affected Products

Ruggedcom M2100
Ruggedcom M2200
Ruggedcom M969
Ruggedcom Rmc30
Ruggedcom Rmc8388
Ruggedcom Rp110
Ruggedcom Rs1600
Ruggedcom Rs1600F
Ruggedcom Rs1600T
Ruggedcom Rs400
Ruggedcom Rs401
Ruggedcom Rs416
Ruggedcom Rs416P
Ruggedcom Rs416Pv2
Ruggedcom Rs8000
Ruggedcom Rs8000A
Ruggedcom Rs8000H
Ruggedcom Rs8000T
Ruggedcom Rs900
Ruggedcom Rs900G
Ruggedcom Rs900Gp
Ruggedcom Rs900L
Ruggedcom Rs900M-Gets-C01
Ruggedcom Rs900M-Gets-Xx
Ruggedcom Rs900M-Stnd-C01
Ruggedcom Rs900M-Stnd-Xx
Ruggedcom Rsl910
Ruggedcom Rs910L
Ruggedcom Rs920L
Ruggedcom Rs930L
Ruggedcom Rs940G
Ruggedcom Rs969
Ruggedcom Rsg2100
Ruggedcom Rsg2100P
Ruggedcom Rsg2200
Ruggedcom Rsg2288
Ruggedcom Rsg2300
Ruggedcom Rsg2300P
Ruggedcom Rsg2488
Ruggedcom Rsg907R
Ruggedcom Rsg908C
Ruggedcom Rsg909R
Ruggedcom Rsg910C
Ruggedcom Rsg920P
Ruggedcom Rst2228
Ruggedcom Rst916C
Ruggedcom I800
Ruggedcom I801
Ruggedcom I802
Ruggedcom I803