February 27, 2018

ICS-CERT has updated this advisory with additional information about affected products and mitigation details. ICS-CERT.

October 10, 2017
ICS-CERT has updated this advisory with mitigation details. ICS-CERT.

September 28, 2017
ICS-CERT has released an advisory on a Siemens Ruggedom ROS, SCALANCE vulnerability. A number of Siemens devices using the Ruggedcom Discovery Protocol are affected. Successful exploitation of this vulnerability could allow users of networks adjacent to the targeted device to perform unauthorized administrative actions. Siemens provides Ruggedcom ROS firmware Version v4.3.4, v5.0.1 and Ruggedcom Explorer v1.5.2, which fixes the vulnerability and recommends users update to the newest version. Siemens is preparing updates for the remaining affected products and recommends that users manually deactivate RCDP according to the instructions in the user guide. ICS-CERT.