CVE-2015-1448
published 2015-02-02CVE-2015-1448: The integrated management service on Siemens Ruggedcom WIN51xx devices with firmware before SS4.4.4624.35, WIN52xx devices with firmware before SS4.4.4624.35…
PriorityP356critical10CVSS 2.0
AVNACLAuNCCICAC
EPSS
3.33%
87.1th percentile
The integrated management service on Siemens Ruggedcom WIN51xx devices with firmware before SS4.4.4624.35, WIN52xx devices with firmware before SS4.4.4624.35, WIN70xx devices with firmware before BS4.4.4621.32, and WIN72xx devices with firmware before BS4.4.4621.32 allows remote attackers to bypass authentication and perform administrative actions via unspecified vectors.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| siemens | ruggedcom_firmware | <= bs4.4.4621.31 | — |
| siemens | ruggedcom_firmware | <= ss4.4.4624.34 | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-gw3p-m9q3-448x: The integrated management service on Siemens Ruggedcom WIN51xx devices with firmware before SS4
ghsa_unreviewed·2022-05-17
CVE-2015-1448 [HIGH] GHSA-gw3p-m9q3-448x: The integrated management service on Siemens Ruggedcom WIN51xx devices with firmware before SS4
The integrated management service on Siemens Ruggedcom WIN51xx devices with firmware before SS4.4.4624.35, WIN52xx devices with firmware before SS4.4.4624.35, WIN70xx devices with firmware before BS4.4.4621.32, and WIN72xx devices with firmware before BS4.4.4621.32 allows remote attackers to bypass authentication and perform administrative actions via unspecified vectors.
CISA ICS
Siemens Ruggedcom WIN Vulnerability
cisa_ics·2018-08-29
Siemens Ruggedcom WIN Vulnerability
## Archived Content In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.
ICS Advisory
##
Siemens Ruggedcom WIN Vulnerability
Last RevisedAugust 29, 2018
Alert CodeICSA-15-034-02
## OVERVIEW
IOActive has coordinated with Siemens regarding multiple vulnerabilities in the Ruggedcom WIN firmware. Siemens has produced firmware updates that mitigates these vulnerabilities.
These vulnerabilities could be exploited remotely if there is network access to the affected service.
## AFFECTED PRODUCTS
The following Siemens Ruggedcom WIN versions are affected:
- WIN51xx: all versions prior to SS4.4.4624.35
- WIN52xx: all versions prior to SS4.4.4624.35
- WIN70xx: all version
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2015-02-02
Published