Information disclosure in Siemens Ros
CVE-2012-4698
Siemens RuggedCom Rugged Operating System (ROS) before 3.12, ROX I OS through 1.14.5, ROX II OS through 2.3.0, and RuggedMax OS through 4.2.1.4621.22 use hardcoded private keys for SSL and SSH communication, which makes it easier for man-i…
Vulnerability class: Information Disclosure
EPSS: 0.005 (65.7th percentile) — read the EPSS interpretation.
Affected products
- Siemens Ros
- Siemens Rox_ii_os
- Siemens Rox_i_os
- Siemens Ruggedmax_os
- N/a — versions n/a
Weakness classification (CWE)
References
- ics-cert@hq.dhs.gov (US Government Resource, x_refsource_MISC)
- ics-cert@hq.dhs.gov (x_refsource_CONFIRM, Vendor Advisory)
- ics-cert@hq.dhs.gov (x_refsource_MISC)
- ics-cert@hq.dhs.gov (x_refsource_CONFIRM, Vendor Advisory)