Release date:
Updated on:
Affected Systems:
Siemens RuggedCom ROS-based <3.11
Description:
--------------------------------------------------------------------------------
CVE (CAN) ID: CVE-2014-1966
RuggedCom ROS products are switches and serial-to-Ethernet devices.
A security vulnerability exists in SNMP implementation of RuggedCom ROS devices earlier than Version 3.11. Remote attackers exploit this vulnerability through specially crafted data packets to cause DOS.
<* Source: Ling Toh Koh
Ng Yi Teng
Seyed Dawood Sajjadi Torshizi
Link: http://ics-cert.us-cert.gov/advisories/ICSA-14-051-03
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
Siemens
-------
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Http://www.siemens.com/corporate-technology/pool/
Http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-892342.pdf