CVE-2015-1449
published 2015-02-02CVE-2015-1449: Buffer overflow in the integrated web server on Siemens Ruggedcom WIN51xx devices with firmware before SS4.4.4624.35, WIN52xx devices with firmware before…
PriorityP259critical10CVSS 2.0
AVNACLAuNCCICAC
EPSS
3.77%
88.6th percentile
Buffer overflow in the integrated web server on Siemens Ruggedcom WIN51xx devices with firmware before SS4.4.4624.35, WIN52xx devices with firmware before SS4.4.4624.35, WIN70xx devices with firmware before BS4.4.4621.32, and WIN72xx devices with firmware before BS4.4.4621.32 allows remote attackers to execute arbitrary code via unspecified vectors.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| siemens | ruggedcom_firmware | <= bs4.4.4621.31 | — |
| siemens | ruggedcom_firmware | <= ss4.4.4624.34 | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Target the integrated web server on port 443/TCP of Siemens Ruggedcom WIN51xx, WIN52xx, WIN70xx, WIN72xx devices for anomalous or oversized HTTP/HTTPS requests indicative of buffer overflow exploitation attempts. ↗
- →Monitor for unauthenticated administrative operations over the network against the integrated management service on affected Ruggedcom WIN devices (CVE-2015-1448 companion vulnerability in same firmware). ↗
- ·No known public exploits specifically target this vulnerability at time of advisory publication; exploitation skill level is rated low. ↗
- ·The exact HTTP request vectors triggering the buffer overflow are unspecified in all public sources, limiting precise signature development. ↗
- ·Sensitive information such as password hashes may be recoverable from local files or security logs on affected devices (companion CVE-2015-1357), which could aid post-exploitation. ↗
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-r7vf-2ph6-v4g3: Buffer overflow in the integrated web server on Siemens Ruggedcom WIN51xx devices with firmware before SS4
ghsa_unreviewed·2022-05-17
CVE-2015-1449 [HIGH] CWE-119 GHSA-r7vf-2ph6-v4g3: Buffer overflow in the integrated web server on Siemens Ruggedcom WIN51xx devices with firmware before SS4
Buffer overflow in the integrated web server on Siemens Ruggedcom WIN51xx devices with firmware before SS4.4.4624.35, WIN52xx devices with firmware before SS4.4.4624.35, WIN70xx devices with firmware before BS4.4.4621.32, and WIN72xx devices with firmware before BS4.4.4621.32 allows remote attackers to execute arbitrary code via unspecified vectors.
CISA ICS
Siemens Ruggedcom WIN Vulnerability
cisa_ics·2018-08-29
Siemens Ruggedcom WIN Vulnerability
## Archived Content In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.
ICS Advisory
##
Siemens Ruggedcom WIN Vulnerability
Last RevisedAugust 29, 2018
Alert CodeICSA-15-034-02
## OVERVIEW
IOActive has coordinated with Siemens regarding multiple vulnerabilities in the Ruggedcom WIN firmware. Siemens has produced firmware updates that mitigates these vulnerabilities.
These vulnerabilities could be exploited remotely if there is network access to the affected service.
## AFFECTED PRODUCTS
The following Siemens Ruggedcom WIN versions are affected:
- WIN51xx: all versions prior to SS4.4.4624.35
- WIN52xx: all versions prior to SS4.4.4624.35
- WIN70xx: all version
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2015-02-02
Published