ICSA-15-244-01
Published 2025-06-06
Siemens RUGGEDCOM ROS IP Forwarding Vulnerability
CVSS 4.3
MEDIUM
CVEs (1)
Remediations
- Firmware versions since ROS 4.2.0 provide an option to disable IP forwarding. Siemens recommends that users update to the latest firmware version. The firmware updates for the affected products can be obtained for free from the following contact points:
  - Submit a support request online: (http://www.siemens.com/automation/support-request)
  - Call a local hotline center: (http://www.automation.siemens.com/mcms/aspa-db/en/automationtechnology/Pages/default.aspx)
- If users do not want IP forwarding between VLANs in their configuration, then they need to disable IP forwarding after updating to the new firmware according to the instructions in the user guide. The following link leads to the ROS user guide: (https://support.industry.siemens.com/cs/ww/en/ps/15305/man)
- Until the firmware can be updated to the latest version, users can remove IP addresses from the VLAN if they are not required.
- For more information on this vulnerability and detailed instructions, please see Siemens Security Advisory SSA-720081 at the following location: (https://cert-portal.siemens.com/productcert/pdf/ssa-720081.pdf)
Affected Vendors
Siemens
Affected Products (1)
Siemens
ROS
>=3.8.0|<=4.2.0