← Back to home
ICSA-19-344-03  ·  Published 2023-12-12  ·  View on CISA ICS-CERT ↗

Siemens RUGGEDCOM ROS (Update A)

CVSS 7.8 HIGH

CVEs (2)

Remediations

  • Disable boot interface access during boot up via the 'bootoption.txt' file parameter 'Security = yes' to mitigate CVE-2018-18440.
  • Disable access to the removable media via 'bootoption.txt' file parameter 'Disableautoaccessremovable = Yes' to mitigate CVE-2019-13103. Note that this vulnerability only applies to RUGGEDCOM ROS, if the device boots from removable media.
  • Currently no fix is planned
  • Currently no fix is available

Affected Vendors

Siemens

Affected Products (32)

Siemens · RUGGEDCOM RMC8388 V4.X <with_U-Boot_V2016.05RS09
Siemens · RUGGEDCOM RMC8388 V5.X <with_U-Boot_V2016.05RS09
Siemens · RUGGEDCOM RMC8388NC V4.X <with_U-Boot_V2016.05RS09
Siemens · RUGGEDCOM RMC8388NC V5.X <with_U-Boot_V2016.05RS09
Siemens · RUGGEDCOM RSG907R <with_U-Boot_V2016.05RS09
Siemens · RUGGEDCOM RSG908C <with_U-Boot_V2016.05RS09
Siemens · RUGGEDCOM RSG909R <with_U-Boot_V2016.05RS09
Siemens · RUGGEDCOM RSG910C <with_U-Boot_V2016.05RS09
Siemens · RUGGEDCOM RSG920P V4.X <with_U-Boot_V2016.05RS09
Siemens · RUGGEDCOM RSG920P V4.X >=with_U-Boot_V2016.05RS09
Siemens · RUGGEDCOM RSG920P V5.X <with_U-Boot_V2016.05RS09
Siemens · RUGGEDCOM RSG920P V5.X >=with_U-Boot_V2016.05RS09
Siemens · RUGGEDCOM RSG920PNC V4.X <with_U-Boot_V2016.05RS09
Siemens · RUGGEDCOM RSG920PNC V4.X >=with_U-Boot_V2016.05RS09
Siemens · RUGGEDCOM RSG920PNC V5.X <with_U-Boot_V2016.05RS09
Siemens · RUGGEDCOM RSG920PNC V5.X >=with_U-Boot_V2016.05RS09
Siemens · RUGGEDCOM RSG2488 V4.X <with_U-Boot_V2016.05RS09
Siemens · RUGGEDCOM RSG2488 V4.X >=with_U-Boot_V2016.05RS09
Siemens · RUGGEDCOM RSG2488 V5.X <with_U-Boot_V2016.05RS09
Siemens · RUGGEDCOM RSG2488 V5.X >=with_U-Boot_V2016.05RS09
Siemens · RUGGEDCOM RSG2488NC V4.X <with_U-Boot_V2016.05RS09
Siemens · RUGGEDCOM RSG2488NC V4.X >=with_U-Boot_V2016.05RS09
Siemens · RUGGEDCOM RSG2488NC V5.X <with_U-Boot_V2016.05RS09
Siemens · RUGGEDCOM RSG2488NC V5.X >=with_U-Boot_V2016.05RS09
Siemens · RUGGEDCOM RSL910 <with_U-Boot_V2016.05RS09
Siemens · RUGGEDCOM RSL910NC <with_U-Boot_V2016.05RS09
Siemens · RUGGEDCOM RST916C <with_U-Boot_V2016.05RS09
Siemens · RUGGEDCOM RST916P <with_U-Boot_V2016.05RS09
Siemens · RUGGEDCOM RST2228 <with_U-Boot_V2016.05RS09
Siemens · RUGGEDCOM RST2228 >=with_U-Boot_V2016.05RS09
Siemens · RUGGEDCOM RST2228P <with_U-Boot_V2016.05RS09
Siemens · RUGGEDCOM RST2228P >=with_U-Boot_V2016.05RS09

Affected Sectors

Multiple

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more