Siemens produced a firmware update that mitigates an uncontrolled resource consumption vulnerability in its RuggedCom ROS-based devices.
Researchers Ling Toh Koh, Ng Yi Teng, Seyed Dawood, Sajjadi Torshizi, Ryan Lee, and Ho Ping Hou of EV-Dynamic, Malaysia, discovered the remotely exploitable vulnerability last March and Siemens now issued another update on ICS-CERT.
The following RuggedCom ROS-based devices suffer from the issue:
• All ROS versions prior to v3.11,
• ROS v3.11 (for product RS950G): all versions prior to ROS v3.11.5,
• ROS v3.12: all versions prior to ROS v3.12.4, and
• ROS v4.0 (for product RSG2488): all versions prior to ROS v4.1.0.
Successful exploitation of this vulnerability may result in attackers causing a denial of service (DoS).
Siemens is a multinational company headquartered in Munich, Germany.
The affected products, RuggedCom ROS-based products, are switches and serial-to-Ethernet devices. According to Siemens, RuggedCom ROS-based products operate in harsh environments such as electric utility substations and traffic control cabinets. Siemens estimates these products see use primarily in the United States and Europe with a small percentage in Asia.
The implementation of the Simple Network Management Protocol (SNMP) in the affected devices might allow attackers to perform a DoS attack against the device’s IP management interface by sending specially crafted packets over the network without authentication. Switching functionality does not suffer and special and uncommon conditions must end up fulfilled to perform this attack. After a manual cold restart of the device, access to the IP management interface is available.
CVE-2014-1966 is the case number assigned to this vulnerability, which has a CVSS v2 base score of 2.6.
No known public exploits specifically target this vulnerability. An attacker with a high skill would be able to exploit this vulnerability.
Siemens/RuggedCom provides firmware updates ROS v3.11.5, ROS v3.12.4, and ROS v4.1.0 that fix the vulnerability for RS950G products running ROS v3.11, products running ROS v3.12 and prior, and RSG2488 products running ROS v4.0.
Click here for the Siemens security advisory.