Sign-up

ID

VAR-201204-0128


CVE

CVE-2012-1803


TITLE

Rugged Operating System Backdoor Unauthorized Access Vulnerability

Trust: 1.1

sources: IVD: a85421c0-1f6a-11e6-abef-000c29c66e3d // CNVD: CNVD-2012-2154 // BID: 53215

DESCRIPTION

RuggedCom Rugged Operating System (ROS) 3.10.x and earlier has a factory account with a password derived from the MAC Address field in the banner, which makes it easier for remote attackers to obtain access by performing a calculation on this address value, and then establishing a (1) TELNET, (2) remote shell (aka rsh), or (3) serial-console session. Rugged Operating System (ROS) Has problems due to hard-coded user accounts. RuggedCom Provided by RuggedSwitch Used for series Rugged Operating System (ROS) Has user accounts that cannot be deleted. This account has a fixed username and a password that can be guessed.A remote attacker may be logged in as an administrator. RuggedCom Inc is the world's leading manufacturer of high-performance networking and communication equipment for industrial environments. This account password is based on the device's MAC address and can be easily obtained through reverse engineering. ROS also supports HTTP(S) and SSH services. It is currently incorrect whether these services use the factory, and it is also unclear whether successful or unsuccessful login attempts will be recorded. Rugged Operating System is prone to an unauthorized-access vulnerability due to a backdoor in all versions of the application. Attackers can exploit this issue to gain unauthorized access to the affected application. This may aid in further attacks. ---------------------------------------------------------------------- Become a PSI 3.0 beta tester! Test-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. Download it here! http://secunia.com/psi_30_beta_launch ---------------------------------------------------------------------- TITLE: RuggedCom Rugged Operating System Undocumented Account Security Issue SECUNIA ADVISORY ID: SA48963 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/48963/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=48963 RELEASE DATE: 2012-04-25 DISCUSS ADVISORY: http://secunia.com/advisories/48963/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/48963/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=48963 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: JC CREW has reported a security issue in RuggedCom Rugged Operating System (ROS), which can be exploited by malicious people to bypass certain security restrictions. The security issue is caused due to ROS containing an undocumented hardcoded username where the password is generated based on the MAC address and can be exploited to gain administrative access. SOLUTION: Restrict access to trusted hosts only. PROVIDED AND/OR DISCOVERED BY: JC CREW ORIGINAL ADVISORY: JC CREW: http://archives.neohapsis.com/archives/fulldisclosure/2012-04/0276.html US-CERT: http://www.kb.cert.org/vuls/id/889195 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 3.6

sources: NVD: CVE-2012-1803 // CERT/CC: VU#889195 // JVNDB: JVNDB-2012-002127 // CNVD: CNVD-2012-2154 // BID: 53215 // IVD: a85421c0-1f6a-11e6-abef-000c29c66e3d // IVD: eba10514-2353-11e6-abef-000c29c66e3d // PACKETSTORM: 112186

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 1.0

sources: IVD: a85421c0-1f6a-11e6-abef-000c29c66e3d // IVD: eba10514-2353-11e6-abef-000c29c66e3d // CNVD: CNVD-2012-2154

AFFECTED PRODUCTS

vendor:siemensmodel:ruggedcom rugged operating systemscope:gteversion:3.2.0

Trust: 1.0

vendor:siemensmodel:ruggedcom rugged operating systemscope:lteversion:3.10.1

Trust: 1.0

vendor:ruggedcommodel:rugged operating systemscope:eqversion:3.9.1

Trust: 0.9

vendor:ruggedcommodel: - scope: - version: -

Trust: 0.8

vendor:siemensmodel: - scope: - version: -

Trust: 0.8

vendor:ruggedcommodel:rugged operating systemscope:ltversion:3.10.1 earlier

Trust: 0.8

vendor:ruggedcommodel:rugged operating systemscope:ltversion:3.7.9 earlier

Trust: 0.8

vendor:ruggedcommodel:rugged operating systemscope:ltversion:3.8.5 earlier

Trust: 0.8

vendor:ruggedcommodel:rugged operating systemscope:ltversion:3.9.3 earlier

Trust: 0.8

vendor:ruggedcommodel:rosscope:eqversion:3.3

Trust: 0.6

vendor:ruggedcommodel:rosscope:eqversion:3.9

Trust: 0.6

vendor:ruggedcommodel:rosscope:eqversion:3.8

Trust: 0.6

vendor:ruggedcommodel:rosscope:eqversion:3.10

Trust: 0.6

vendor:ruggedcommodel:rosscope:eqversion:3.7

Trust: 0.6

vendor:ruggedcommodel:rosscope:eqversion:3.2

Trust: 0.6

vendor:rosmodel: - scope:eqversion:3.2

Trust: 0.4

vendor:rosmodel: - scope:eqversion:3.3

Trust: 0.4

vendor:rosmodel: - scope:eqversion:3.7

Trust: 0.4

vendor:rosmodel: - scope:eqversion:3.8

Trust: 0.4

vendor:rosmodel: - scope:eqversion:3.9

Trust: 0.4

vendor:rosmodel: - scope:eqversion:*

Trust: 0.4

vendor:ruggedcommodel:rugged operating systemscope:eqversion:3.3

Trust: 0.3

vendor:ruggedcommodel:rugged operating systemscope:eqversion:3.2

Trust: 0.3

vendor:ruggedcommodel:rugged operating systemscope:neversion:3.10.1

Trust: 0.3

sources: IVD: a85421c0-1f6a-11e6-abef-000c29c66e3d // IVD: eba10514-2353-11e6-abef-000c29c66e3d // CERT/CC: VU#889195 // CNVD: CNVD-2012-2154 // BID: 53215 // JVNDB: JVNDB-2012-002127 // CNNVD: CNNVD-201204-510 // NVD: CVE-2012-1803

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD: CVE-2012-1803
value: HIGH

Trust: 1.6

nvd@nist.gov: CVE-2012-1803
value: HIGH

Trust: 1.0

CNNVD: CNNVD-201204-510
value: HIGH

Trust: 0.6

IVD: a85421c0-1f6a-11e6-abef-000c29c66e3d
value: HIGH

Trust: 0.2

IVD: eba10514-2353-11e6-abef-000c29c66e3d
value: HIGH

Trust: 0.2

nvd@nist.gov: CVE-2012-1803
severity: HIGH
baseScore: 8.5
vectorString: AV:N/AC:M/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 6.8
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

NVD: CVE-2012-1803
severity: HIGH
baseScore: 8.5
vectorString: NONE
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 6.8
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

IVD: a85421c0-1f6a-11e6-abef-000c29c66e3d
severity: HIGH
baseScore: 8.5
vectorString: AV:N/AC:M/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 6.8
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

IVD: eba10514-2353-11e6-abef-000c29c66e3d
severity: HIGH
baseScore: 8.5
vectorString: AV:N/AC:M/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 6.8
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.9 [IVD]

Trust: 0.2

sources: IVD: a85421c0-1f6a-11e6-abef-000c29c66e3d // IVD: eba10514-2353-11e6-abef-000c29c66e3d // CERT/CC: VU#889195 // JVNDB: JVNDB-2012-002127 // CNNVD: CNNVD-201204-510 // NVD: CVE-2012-1803

PROBLEMTYPE DATA

problemtype:CWE-310

Trust: 1.8

sources: JVNDB: JVNDB-2012-002127 // NVD: CVE-2012-1803

THREAT TYPE

remote

Trust: 1.2

sources: CNNVD: CNNVD-201205-011 // CNNVD: CNNVD-201204-510

TYPE

encryption problem

Trust: 0.6

sources: CNNVD: CNNVD-201204-510

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2012-002127

EXPLOIT AVAILABILITY
sources:
            
            
            CERT/CC: VU#889195

PATCH
title:Latest news on ROS Device Security Issueurl:http://www.ruggedcom.com/productbulletin/ros-security-page/
Trust: 0.8
title:Software Downloadsurl:http://www.ruggedcom.com/support/software/index.php
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2012-002127

EXTERNAL IDS
db:CERT/CCid:VU#889195
Trust: 4.2
db:ICS CERTid:ICSA-12-146-01A
Trust: 3.2
db:NVDid:CVE-2012-1803
Trust: 3.1
db:BIDid:53215
Trust: 3.1
db:ICS CERT ALERTid:ICS-ALERT-12-116-01A
Trust: 2.4
db:EXPLOIT-DBid:18779
Trust: 1.6
db:ICS CERT ALERTid:ICS-ALERT-12-116-01
Trust: 1.1
db:ICS CERTid:ICSA-12-146-01
Trust: 1.1
db:CNNVDid:CNNVD-201204-510
Trust: 1.0
db:CNVDid:CNVD-2012-2154
Trust: 0.8
db:JVNDBid:JVNDB-2012-002127
Trust: 0.8
db:CNNVDid:CNNVD-201205-011
Trust: 0.6
db:IVDid:A85421C0-1F6A-11E6-ABEF-000C29C66E3D
Trust: 0.2
db:IVDid:EBA10514-2353-11E6-ABEF-000C29C66E3D
Trust: 0.2
db:SECUNIAid:48963
Trust: 0.2
db:PACKETSTORMid:112186
Trust: 0.1
sources:
            
            
            IVD: a85421c0-1f6a-11e6-abef-000c29c66e3d // 
            
            
            
            IVD: eba10514-2353-11e6-abef-000c29c66e3d // 
            
            
            
            CERT/CC: VU#889195 // 
            
            
            
            CNVD: CNVD-2012-2154 // 
            
            
            
            BID: 53215 // 
            
            
            
            JVNDB: JVNDB-2012-002127 // 
            
            
            
            PACKETSTORM: 112186 // 
            
            
            
            CNNVD: CNNVD-201205-011 // 
            
            
            
            CNNVD: CNNVD-201204-510 // 
            
            
            
            NVD: CVE-2012-1803

REFERENCES
url:http://www.ruggedcom.com/productbulletin/ros-security-page/
Trust: 3.2
url:http://www.kb.cert.org/vuls/id/889195
Trust: 2.8
url:http://seclists.org/fulldisclosure/2012/apr/277
Trust: 2.4
url:http://arstechnica.com/business/news/2012/04/backdoor-in-mission-critical-hardware-threatens-power-traffic-control-systems.ars
Trust: 2.4
url:http://www.wired.com/threatlevel/2012/04/ruggedcom-backdoor/
Trust: 2.4
url:http://www.us-cert.gov/control_systems/pdf/ics-alert-12-116-01a.pdf
Trust: 2.4
url:http://www.securityfocus.com/bid/53215
Trust: 2.2
url:http://www.us-cert.gov/control_systems/pdf/icsa-12-146-01a.pdf
Trust: 1.6
url:http://www.kb.cert.org/vuls/id/mapg-8rcpen
Trust: 1.6
url:http://archives.neohapsis.com/archives/bugtraq/2012-04/0186.html
Trust: 1.6
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/75120
Trust: 1.6
url:http://www.exploit-db.com/exploits/18779
Trust: 1.6
url:http://ics-cert.us-cert.gov/advisories/icsa-12-146-01a
Trust: 1.6
url:http://www.us-cert.gov/control_systems/pdf/ics-alert-12-116-01.pdf
Trust: 1.1
url:https://www.us-cert.gov/control_systems/pdf/icsa-12-146-01.pdf
Trust: 1.1
url:http://www.ruggedcom.com/products/index.php
Trust: 0.8
url:http://www.ruggedcom.com/support/software/index.php
Trust: 0.8
url:http://cwe.mitre.org/data/definitions/261.html
Trust: 0.8
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-1803
Trust: 0.8
url:http://jvn.jp/cert/jvnvu889195
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-1803
Trust: 0.8
url:http://www.kb.cert.org/vuls/id/889195http
Trust: 0.6
url:http://www.ruggedcom.com/
Trust: 0.3
url:/archive/1/522467
Trust: 0.3
url:https://ca.secunia.com/?page=viewadvisory&vuln_id=48963
Trust: 0.1
url:http://archives.neohapsis.com/archives/fulldisclosure/2012-04/0276.html
Trust: 0.1
url:http://secunia.com/psi_30_beta_launch
Trust: 0.1
url:http://secunia.com/vulnerability_intelligence/
Trust: 0.1
url:http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
Trust: 0.1
url:http://secunia.com/advisories/secunia_security_advisories/
Trust: 0.1
url:http://secunia.com/vulnerability_scanning/personal/
Trust: 0.1
url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Trust: 0.1
url:http://secunia.com/advisories/48963/
Trust: 0.1
url:http://secunia.com/advisories/48963/#comments
Trust: 0.1
url:http://secunia.com/advisories/about_secunia_advisories/
Trust: 0.1
sources:
            
            
            CERT/CC: VU#889195 // 
            
            
            
            CNVD: CNVD-2012-2154 // 
            
            
            
            BID: 53215 // 
            
            
            
            JVNDB: JVNDB-2012-002127 // 
            
            
            
            PACKETSTORM: 112186 // 
            
            
            
            CNNVD: CNNVD-201205-011 // 
            
            
            
            CNNVD: CNNVD-201204-510 // 
            
            
            
            NVD: CVE-2012-1803

CREDITS
jc
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-201205-011

SOURCES
db:IVDid:a85421c0-1f6a-11e6-abef-000c29c66e3d
db:IVDid:eba10514-2353-11e6-abef-000c29c66e3d
db:CERT/CCid:VU#889195
db:CNVDid:CNVD-2012-2154
db:BIDid:53215
db:JVNDBid:JVNDB-2012-002127
db:PACKETSTORMid:112186
db:CNNVDid:CNNVD-201205-011
db:CNNVDid:CNNVD-201204-510
db:NVDid:CVE-2012-1803

LAST UPDATE DATE
2024-11-23T22:49:42.783000+00:00

SOURCES UPDATE DATE
db:CERT/CCid:VU#889195date:2012-07-18T00:00:00
db:CNVDid:CNVD-2012-2154date:2020-03-10T00:00:00
db:BIDid:53215date:2012-06-18T21:30:00
db:JVNDBid:JVNDB-2012-002127date:2012-06-21T00:00:00
db:CNNVDid:CNNVD-201205-011date:2012-05-03T00:00:00
db:CNNVDid:CNNVD-201204-510date:2022-02-07T00:00:00
db:NVDid:CVE-2012-1803date:2024-11-21T01:37:48.810

SOURCES RELEASE DATE
db:IVDid:a85421c0-1f6a-11e6-abef-000c29c66e3ddate:2012-04-26T00:00:00
db:IVDid:eba10514-2353-11e6-abef-000c29c66e3ddate:2012-04-27T00:00:00
db:CERT/CCid:VU#889195date:2012-04-24T00:00:00
db:CNVDid:CNVD-2012-2154date:2012-04-26T00:00:00
db:BIDid:53215date:2012-04-24T00:00:00
db:JVNDBid:JVNDB-2012-002127date:2012-04-26T00:00:00
db:PACKETSTORMid:112186date:2012-04-25T02:37:37
db:CNNVDid:CNNVD-201205-011date:2012-04-24T00:00:00
db:CNNVDid:CNNVD-201204-510date:2012-04-27T00:00:00
db:NVDid:CVE-2012-1803date:2012-04-28T00:55:01.203