Details of VAR-202203-0739

ID

VAR-202203-0739

CVE

CVE-2021-37209

TITLE

Siemens' RUGGEDCOM ROS Cryptographic strength vulnerabilities in

Trust: 0.8

sources: JVNDB: JVNDB-2021-018725

DESCRIPTION

A vulnerability has been identified in RUGGEDCOM i800 (All versions < V4.3.8), RUGGEDCOM i801 (All versions < V4.3.8), RUGGEDCOM i802 (All versions < V4.3.8), RUGGEDCOM i803 (All versions < V4.3.8), RUGGEDCOM M2100 (All versions < V4.3.8), RUGGEDCOM M2200 (All versions < V4.3.8), RUGGEDCOM M969 (All versions < V4.3.8), RUGGEDCOM RMC30 (All versions < V4.3.8), RUGGEDCOM RMC8388 V4.X (All versions < V4.3.8), RUGGEDCOM RMC8388 V5.X (All versions < V5.7.0), RUGGEDCOM RP110 (All versions < V4.3.8), RUGGEDCOM RS1600 (All versions < V4.3.8), RUGGEDCOM RS1600F (All versions < V4.3.8), RUGGEDCOM RS1600T (All versions < V4.3.8), RUGGEDCOM RS400 (All versions < V4.3.8), RUGGEDCOM RS401 (All versions < V4.3.8), RUGGEDCOM RS416 (All versions < V4.3.8), RUGGEDCOM RS416P (All versions < V4.3.8), RUGGEDCOM RS416Pv2 V4.X (All versions < V4.3.8), RUGGEDCOM RS416Pv2 V5.X (All versions < V5.7.0), RUGGEDCOM RS416v2 V4.X (All versions < V4.3.8), RUGGEDCOM RS416v2 V5.X (All versions < V5.7.0), RUGGEDCOM RS8000 (All versions < V4.3.8), RUGGEDCOM RS8000A (All versions < V4.3.8), RUGGEDCOM RS8000H (All versions < V4.3.8), RUGGEDCOM RS8000T (All versions < V4.3.8), RUGGEDCOM RS900 (All versions < V4.3.8), RUGGEDCOM RS900 (32M) V4.X (All versions < V4.3.8), RUGGEDCOM RS900 (32M) V5.X (All versions < V5.7.0), RUGGEDCOM RS900G (All versions < V4.3.8), RUGGEDCOM RS900G (32M) V4.X (All versions < V4.3.8), RUGGEDCOM RS900G (32M) V5.X (All versions < V5.7.0), RUGGEDCOM RS900GP (All versions < V4.3.8), RUGGEDCOM RS900L (All versions < V4.3.8), RUGGEDCOM RS900M-GETS-C01 (All versions < V4.3.8), RUGGEDCOM RS900M-GETS-XX (All versions < V4.3.8), RUGGEDCOM RS900M-STND-C01 (All versions < V4.3.8), RUGGEDCOM RS900M-STND-XX (All versions < V4.3.8), RUGGEDCOM RS900W (All versions < V4.3.8), RUGGEDCOM RS910 (All versions < V4.3.8), RUGGEDCOM RS910L (All versions < V4.3.8), RUGGEDCOM RS910W (All versions < V4.3.8), RUGGEDCOM RS920L (All versions < V4.3.8), RUGGEDCOM RS920W (All versions < V4.3.8), RUGGEDCOM RS930L (All versions < V4.3.8), RUGGEDCOM RS930W (All versions < V4.3.8), RUGGEDCOM RS940G (All versions < V4.3.8), RUGGEDCOM RS969 (All versions < V4.3.8), RUGGEDCOM RSG2100 (All versions < V4.3.8), RUGGEDCOM RSG2100 (32M) V4.X (All versions < V4.3.8), RUGGEDCOM RSG2100 (32M) V5.X (All versions < V5.7.0), RUGGEDCOM RSG2100P (All versions < V4.3.8), RUGGEDCOM RSG2200 (All versions < V4.3.8), RUGGEDCOM RSG2288 V4.X (All versions < V4.3.8), RUGGEDCOM RSG2288 V5.X (All versions < V5.7.0), RUGGEDCOM RSG2300 V4.X (All versions < V4.3.8), RUGGEDCOM RSG2300 V5.X (All versions < V5.7.0), RUGGEDCOM RSG2300P V4.X (All versions < V4.3.8), RUGGEDCOM RSG2300P V5.X (All versions < V5.7.0), RUGGEDCOM RSG2488 V4.X (All versions < V4.3.8), RUGGEDCOM RSG2488 V5.X (All versions < V5.7.0), RUGGEDCOM RSG907R (All versions < V5.7.0), RUGGEDCOM RSG908C (All versions < V5.7.0), RUGGEDCOM RSG909R (All versions < V5.7.0), RUGGEDCOM RSG910C (All versions < V5.7.0), RUGGEDCOM RSG920P V4.X (All versions < V4.3.8), RUGGEDCOM RSG920P V5.X (All versions < V5.7.0), RUGGEDCOM RSL910 (All versions < V5.7.0), RUGGEDCOM RST2228 (All versions < V5.7.0), RUGGEDCOM RST2228P (All versions < V5.7.0), RUGGEDCOM RST916C (All versions < V5.7.0), RUGGEDCOM RST916P (All versions < V5.7.0). The SSH server on affected devices is configured to offer weak ciphers by default. This could allow an unauthorized attacker in a man-in-the-middle position to read and modify any data passed over the connection between legitimate clients and the affected device. Siemens' RUGGEDCOM ROS There is a security level vulnerability in.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. RUGGEDCOM ROS-based devices are typically switches and serial-to-Ethernet devices used to connect equipment operating in harsh environments, such as power utility substations and traffic control cabinets. Siemens RUGGEDCOM Devices has an information disclosure vulnerability, and attackers can use the vulnerability to obtain access passwords

Trust: 2.16

sources: NVD: CVE-2021-37209 // JVNDB: JVNDB-2021-018725 // CNVD: CNVD-2022-17777

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2022-17777

AFFECTED PRODUCTS

vendor:	siemens	model:	ruggedcom ros rs900g	scope:	lt	version:	v5.6.0	Trust: 1.2
vendor:	siemens	model:	ruggedcom ros	scope:	eq	version:	*	Trust: 1.0
vendor:	シーメンス	model:	ruggedcom ros	scope:	eq	version:	-	Trust: 0.8
vendor:	シーメンス	model:	ruggedcom ros	scope:	-	version:	-	Trust: 0.8
vendor:	siemens	model:	ruggedcom ros m2100	scope:	lt	version:	v5.6.0	Trust: 0.6
vendor:	siemens	model:	ruggedcom ros rs416v2	scope:	lt	version:	v5.6.0	Trust: 0.6
vendor:	siemens	model:	ruggedcom ros rsg2100p	scope:	lt	version:	v5.6.0	Trust: 0.6
vendor:	siemens	model:	ruggedcom ros rsl910	scope:	lt	version:	v5.6.0	Trust: 0.6
vendor:	siemens	model:	ruggedcom ros rst916c	scope:	lt	version:	v5.6.0	Trust: 0.6
vendor:	siemens	model:	ruggedcom ros rst916p	scope:	lt	version:	v5.6.0	Trust: 0.6
vendor:	siemens	model:	ruggedcom ros rst2228	scope:	lt	version:	v5.6.0	Trust: 0.6
vendor:	siemens	model:	ruggedcom ros i800	scope:	lt	version:	v5.6.0	Trust: 0.6
vendor:	siemens	model:	ruggedcom ros i801	scope:	lt	version:	v5.6.0	Trust: 0.6
vendor:	siemens	model:	ruggedcom ros i802	scope:	lt	version:	v5.6.0	Trust: 0.6
vendor:	siemens	model:	ruggedcom ros i803	scope:	lt	version:	v5.6.0	Trust: 0.6
vendor:	siemens	model:	ruggedcom ros m969	scope:	lt	version:	v5.6.0	Trust: 0.6
vendor:	siemens	model:	ruggedcom ros m2200	scope:	lt	version:	v5.6.0	Trust: 0.6
vendor:	siemens	model:	ruggedcom ros rmc	scope:	lt	version:	v5.6.0	Trust: 0.6
vendor:	siemens	model:	ruggedcom ros rmc20	scope:	lt	version:	v5.6.0	Trust: 0.6
vendor:	siemens	model:	ruggedcom ros rmc30	scope:	lt	version:	v5.6.0	Trust: 0.6
vendor:	siemens	model:	ruggedcom ros rmc40	scope:	lt	version:	v5.6.0	Trust: 0.6
vendor:	siemens	model:	ruggedcom ros rmc41	scope:	lt	version:	v5.6.0	Trust: 0.6
vendor:	siemens	model:	ruggedcom ros rmc8388	scope:	lt	version:	v5.6.0	Trust: 0.6
vendor:	siemens	model:	ruggedcom ros rp110	scope:	lt	version:	v5.6.0	Trust: 0.6
vendor:	siemens	model:	ruggedcom ros rs400	scope:	lt	version:	v5.6.0	Trust: 0.6
vendor:	siemens	model:	ruggedcom ros rs401	scope:	lt	version:	v5.6.0	Trust: 0.6
vendor:	siemens	model:	ruggedcom ros rs416	scope:	lt	version:	v5.6.0	Trust: 0.6
vendor:	siemens	model:	ruggedcom ros rs900	scope:	lt	version:	v5.6.0	Trust: 0.6
vendor:	siemens	model:	ruggedcom ros rs900gp	scope:	lt	version:	v5.6.0	Trust: 0.6
vendor:	siemens	model:	ruggedcom ros rs900l	scope:	lt	version:	v5.6.0	Trust: 0.6
vendor:	siemens	model:	ruggedcom ros rs900w	scope:	lt	version:	v5.6.0	Trust: 0.6
vendor:	siemens	model:	ruggedcom ros rs910	scope:	lt	version:	v5.6.0	Trust: 0.6
vendor:	siemens	model:	ruggedcom ros rs910l	scope:	lt	version:	v5.6.0	Trust: 0.6
vendor:	siemens	model:	ruggedcom ros rs920l	scope:	lt	version:	v5.6.0	Trust: 0.6
vendor:	siemens	model:	ruggedcom ros rs920w	scope:	lt	version:	v5.6.0	Trust: 0.6
vendor:	siemens	model:	ruggedcom ros rs930l	scope:	lt	version:	v5.6.0	Trust: 0.6
vendor:	siemens	model:	ruggedcom ros rs930w	scope:	lt	version:	v5.6.0	Trust: 0.6
vendor:	siemens	model:	ruggedcom ros rs940g	scope:	lt	version:	v5.6.0	Trust: 0.6
vendor:	siemens	model:	ruggedcom ros rs969	scope:	lt	version:	v5.6.0	Trust: 0.6
vendor:	siemens	model:	ruggedcom ros rs8000	scope:	lt	version:	v5.6.0	Trust: 0.6
vendor:	siemens	model:	ruggedcom ros rs8000a	scope:	lt	version:	v5.6.0	Trust: 0.6
vendor:	siemens	model:	ruggedcom ros rs8000h	scope:	lt	version:	v5.6.0	Trust: 0.6
vendor:	siemens	model:	ruggedcom ros rs8000t	scope:	lt	version:	v5.6.0	Trust: 0.6
vendor:	siemens	model:	ruggedcom ros rsg900	scope:	lt	version:	v5.6.0	Trust: 0.6
vendor:	siemens	model:	ruggedcom ros rsg900c	scope:	lt	version:	v5.6.0	Trust: 0.6
vendor:	siemens	model:	ruggedcom ros rsg900g	scope:	lt	version:	v5.6.0	Trust: 0.6
vendor:	siemens	model:	ruggedcom ros rsg900r	scope:	lt	version:	v5.6.0	Trust: 0.6
vendor:	siemens	model:	ruggedcom ros rsg907r	scope:	lt	version:	v5.6.0	Trust: 0.6
vendor:	siemens	model:	ruggedcom ros rsg908c	scope:	lt	version:	v5.6.0	Trust: 0.6
vendor:	siemens	model:	ruggedcom ros rsg909r	scope:	lt	version:	v5.6.0	Trust: 0.6
vendor:	siemens	model:	ruggedcom ros rsg910c	scope:	lt	version:	v5.6.0	Trust: 0.6
vendor:	siemens	model:	ruggedcom ros rsg920p	scope:	lt	version:	v5.6.0	Trust: 0.6
vendor:	siemens	model:	ruggedcom ros rsg2100	scope:	lt	version:	v5.6.0	Trust: 0.6
vendor:	siemens	model:	ruggedcom ros rsg2488	scope:	lt	version:	v5.6.0	Trust: 0.6
vendor:	siemens	model:	ruggedcom ros rsg2300p	scope:	lt	version:	v5.6.0	Trust: 0.6
vendor:	siemens	model:	ruggedcom ros rsg2300	scope:	lt	version:	v5.6.0	Trust: 0.6

sources: CNVD: CNVD-2022-17777 // JVNDB: JVNDB-2021-018725 // NVD: CVE-2021-37209

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2021-37209
value:	MEDIUM
Trust: 1.0
productcert@siemens.com:	CVE-2021-37209
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2021-37209
value:	MEDIUM
Trust: 0.8
CNVD:	CNVD-2022-17777
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-202203-763
value:	MEDIUM
Trust: 0.6

nvd@nist.gov:	CVE-2021-37209
severity:	MEDIUM
baseScore:	4.0
vectorString:	AV:N/AC:L/AU:S/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	8.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2022-17777
severity:	MEDIUM
baseScore:	5.4
vectorString:	AV:N/AC:H/AU:N/C:C/I:N/A:N
accessVector:	NETWORK
accessComplexity:	HIGH
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	4.9
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

nvd@nist.gov:	CVE-2021-37209
baseSeverity:	MEDIUM
baseScore:	6.5
vectorString:	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	2.8
impactScore:	3.6
version:	3.1
Trust: 1.0
productcert@siemens.com:	CVE-2021-37209
baseSeverity:	MEDIUM
baseScore:	6.7
vectorString:	CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H
attackVector:	ADJACENT
attackComplexity:	HIGH
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	LOW
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.2
impactScore:	5.5
version:	3.1
Trust: 1.0
OTHER:	JVNDB-2021-018725
baseSeverity:	MEDIUM
baseScore:	6.7
vectorString:	CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:H
attackVector:	ADJACENT NETWORK
attackComplexity:	HIGH
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	LOW
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: CNVD: CNVD-2022-17777 // JVNDB: JVNDB-2021-018725 // CNNVD: CNNVD-202203-763 // NVD: CVE-2021-37209 // NVD: CVE-2021-37209

PROBLEMTYPE DATA

problemtype:	CWE-311	Trust: 1.0
problemtype:	CWE-326	Trust: 1.0
problemtype:	Inappropriate cryptographic strength (CWE-326) [ others ]	Trust: 0.8

sources: JVNDB: JVNDB-2021-018725 // NVD: CVE-2021-37209

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-202203-763

TYPE

encryption problem

Trust: 0.6

sources: CNNVD: CNNVD-202203-763

PATCH

title:	Patch for Siemens RUGGEDCOM Devices Information Disclosure Vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/324176	Trust: 0.6
title:	Siemens RUGGEDCOM Security vulnerabilities	url:	http://123.124.177.30/web/xxk/bdxqById.tag?id=185252	Trust: 0.6

sources: CNVD: CNVD-2022-17777 // CNNVD: CNNVD-202203-763

EXTERNAL IDS

db:	NVD	id:	CVE-2021-37209	Trust: 3.8
db:	SIEMENS	id:	SSA-764417	Trust: 3.0
db:	ICS CERT	id:	ICSA-22-069-01	Trust: 1.4
db:	JVN	id:	JVNVU91709091	Trust: 0.8
db:	JVNDB	id:	JVNDB-2021-018725	Trust: 0.8
db:	CNVD	id:	CNVD-2022-17777	Trust: 0.6
db:	CS-HELP	id:	SB2022031111	Trust: 0.6
db:	AUSCERT	id:	ESB-2022.1045	Trust: 0.6
db:	CNNVD	id:	CNNVD-202203-763	Trust: 0.6

sources: CNVD: CNVD-2022-17777 // JVNDB: JVNDB-2021-018725 // CNNVD: CNNVD-202203-763 // NVD: CVE-2021-37209

REFERENCES

url:	https://cert-portal.siemens.com/productcert/pdf/ssa-764417.pdf	Trust: 3.0
url:	https://jvn.jp/vu/jvnvu91709091/	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2021-37209	Trust: 0.8
url:	https://www.cisa.gov/news-events/ics-advisories/icsa-22-069-01	Trust: 0.8
url:	https://www.cybersecurity-help.cz/vdb/sb2022031111	Trust: 0.6
url:	https://cxsecurity.com/cveshow/cve-2021-37209/	Trust: 0.6
url:	https://us-cert.cisa.gov/ics/advisories/icsa-22-069-01	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2022.1045	Trust: 0.6
url:	https://vigilance.fr/vulnerability/ruggedcom-rox-user-access-via-unencrypted-passwords-37746	Trust: 0.6

sources: CNVD: CNVD-2022-17777 // JVNDB: JVNDB-2021-018725 // CNNVD: CNNVD-202203-763 // NVD: CVE-2021-37209

CREDITS

Michael Messner from Siemens Energy reported this vulnerability to Siemens.

Trust: 0.6

sources: CNNVD: CNNVD-202203-763

SOURCES

db:	CNVD	id:	CNVD-2022-17777
db:	JVNDB	id:	JVNDB-2021-018725
db:	CNNVD	id:	CNNVD-202203-763
db:	NVD	id:	CVE-2021-37209

LAST UPDATE DATE

2024-08-14T12:51:04.999000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2022-17777	date:	2022-03-09T00:00:00
db:	JVNDB	id:	JVNDB-2021-018725	date:	2023-07-05T08:12:00
db:	CNNVD	id:	CNNVD-202203-763	date:	2023-03-15T00:00:00
db:	NVD	id:	CVE-2021-37209	date:	2023-11-14T11:15:07.980

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2022-17777	date:	2022-03-09T00:00:00
db:	JVNDB	id:	JVNDB-2021-018725	date:	2023-07-05T00:00:00
db:	CNNVD	id:	CNNVD-202203-763	date:	2022-03-08T00:00:00
db:	NVD	id:	CVE-2021-37209	date:	2022-03-08T12:15:10.330