Risk Summary
ATTENTION: Remotely exploitable/low skill level to exploit.
CVEs (2)
Remediations
- Siemens provides RUGGEDCOM NMS V2.1.0 which fixes the vulnerabilities and recommends users update to the new version. Information on how to obtain the latest RUGGEDCOM software and firmware can be found at the following location on the Siemens web site:
- https://support.industry.siemens.com/cs/ww/en/view/109745179
- For more information on this vulnerability and more detailed mitigation instructions, please see Siemens Security Advisory SSA-363881 at the following location:
- http://www.siemens.com/cert/en/cert-security-advisories.htm
- As a general security measure Siemens strongly recommends protecting network access to the RUGGEDCOM NMS with appropriate mechanisms and configuring the environment according to Siemens ' operational guidelines in order to run the devices in a protected IT environment.
- https://www.siemens.com/cert/operational-guidelines-industrial-security
Affected Vendors
Siemens
Affected Products (1)
Siemens
·
RUGGEDCOM NMS
< 2.1.0 (Windows and Linux)
Affected Sectors
Energy, Healthcare and Public Health, and Transportation Systems
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more