-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 # SSA-459643: Denial of Service Vulnerability in RUGGEDCOM ROS before V5.6.0 Publication Date: 2022-09-13 Last Update: 2023-04-11 Current Version: 1.2 CVSS v3.1 Base Score: 5.3 SUMMARY ======= RUGGEDCOM ROS-based devices are vulnerable to a denial of service attack (Slowloris). By sending partial HTTP requests nonstop, with none completed, the affected web servers will be waiting for the completion of each request, occupying all available HTTP connections. The web server recovers by itself once the attack ends. Siemens has released updates for the affected products and recommends to update to the latest versions. AFFECTED PRODUCTS AND SOLUTION ============================== * RUGGEDCOM RMC8388 V5.X - Affected versions: All versions < V5.6.0 - Remediation: Update to V5.6.0 or later version See recommendations from section "Workarounds and Mitigations" - Download: https://support.industry.siemens.com/cs/ww/en/view/109806156/ * RUGGEDCOM RMC8388NC V5.X - Affected versions: All versions - Remediation: Currently no fix is available See recommendations from section "Workarounds and Mitigations" * RUGGEDCOM RS416NC v2 - Affected versions: All versions - Remediation: Currently no fix is available See recommendations from section "Workarounds and Mitigations" * RUGGEDCOM RS416PNC v2 - Affected versions: All versions - Remediation: Currently no fix is available See recommendations from section "Workarounds and Mitigations" * RUGGEDCOM RS416Pv2 - Affected versions: All versions < V5.6.0 - Remediation: Update to V5.6.0 or later version See recommendations from section "Workarounds and Mitigations" - Download: https://support.industry.siemens.com/cs/ww/en/view/109806156/ * RUGGEDCOM RS416v2 - Affected versions: All versions < V5.6.0 - Remediation: Update to V5.6.0 or later version See recommendations from section "Workarounds and Mitigations" - Download: https://support.industry.siemens.com/cs/ww/en/view/109806156/ * RUGGEDCOM RS900 (32M) V5.X - Affected versions: All versions < V5.6.0 - Remediation: Update to V5.6.0 or later version See recommendations from section "Workarounds and Mitigations" - Download: https://support.industry.siemens.com/cs/ww/en/view/109806156/ * RUGGEDCOM RS900G (32M) V5.X - Affected versions: All versions < V5.6.0 - Remediation: Update to V5.6.0 or later version See recommendations from section "Workarounds and Mitigations" - Download: https://support.industry.siemens.com/cs/ww/en/view/109806156/ * RUGGEDCOM RS900GNC(32M) V5.X - Affected versions: All versions - Remediation: Currently no fix is available See recommendations from section "Workarounds and Mitigations" * RUGGEDCOM RS900NC(32M) V5.X - Affected versions: All versions - Remediation: Currently no fix is available See recommendations from section "Workarounds and Mitigations" * RUGGEDCOM RSG907R - Affected versions: All versions < V5.6.0 - Remediation: Update to V5.6.0 or later version See recommendations from section "Workarounds and Mitigations" - Download: https://support.industry.siemens.com/cs/ww/en/view/109806156/ * RUGGEDCOM RSG908C - Affected versions: All versions < V5.6.0 - Remediation: Update to V5.6.0 or later version See recommendations from section "Workarounds and Mitigations" - Download: https://support.industry.siemens.com/cs/ww/en/view/109806156/ * RUGGEDCOM RSG909R - Affected versions: All versions < V5.6.0 - Remediation: Update to V5.6.0 or later version See recommendations from section "Workarounds and Mitigations" - Download: https://support.industry.siemens.com/cs/ww/en/view/109806156/ * RUGGEDCOM RSG910C - Affected versions: All versions < V5.6.0 - Remediation: Update to V5.6.0 or later version See recommendations from section "Workarounds and Mitigations" - Download: https://support.industry.siemens.com/cs/ww/en/view/109806156/ * RUGGEDCOM RSG920P V5.X - Affected versions: All versions < V5.6.0 - Remediation: Update to V5.6.0 or later version See recommendations from section "Workarounds and Mitigations" - Download: https://support.industry.siemens.com/cs/ww/en/view/109806156/ * RUGGEDCOM RSG920PNC V5.X - Affected versions: All versions - Remediation: Currently no fix is available See recommendations from section "Workarounds and Mitigations" * RUGGEDCOM RSG2100 (32M) V5.X - Affected versions: All versions < V5.6.0 - Remediation: Update to V5.6.0 or later version See recommendations from section "Workarounds and Mitigations" - Download: https://support.industry.siemens.com/cs/ww/en/view/109806156/ * RUGGEDCOM RSG2100NC(32M) V5.X - Affected versions: All versions - Remediation: Currently no fix is available See recommendations from section "Workarounds and Mitigations" * RUGGEDCOM RSG2288 V5.X - Affected versions: All versions < V5.6.0 - Remediation: Update to V5.6.0 or later version See recommendations from section "Workarounds and Mitigations" - Download: https://support.industry.siemens.com/cs/ww/en/view/109806156/ * RUGGEDCOM RSG2288NC V5.X - Affected versions: All versions - Remediation: Currently no fix is available See recommendations from section "Workarounds and Mitigations" * RUGGEDCOM RSG2300 V5.X - Affected versions: All versions < V5.6.0 - Remediation: Update to V5.6.0 or later version See recommendations from section "Workarounds and Mitigations" - Download: https://support.industry.siemens.com/cs/ww/en/view/109806156/ * RUGGEDCOM RSG2300NC V5.X - Affected versions: All versions - Remediation: Currently no fix is available See recommendations from section "Workarounds and Mitigations" * RUGGEDCOM RSG2300P V5.X - Affected versions: All versions < V5.6.0 - Remediation: Update to V5.6.0 or later version See recommendations from section "Workarounds and Mitigations" - Download: https://support.industry.siemens.com/cs/ww/en/view/109806156/ * RUGGEDCOM RSG2300PNC V5.X - Affected versions: All versions - Remediation: Currently no fix is available See recommendations from section "Workarounds and Mitigations" * RUGGEDCOM RSG2488 V5.X - Affected versions: All versions < V5.6.0 - Remediation: Update to V5.6.0 or later version See recommendations from section "Workarounds and Mitigations" - Download: https://support.industry.siemens.com/cs/ww/en/view/109806156/ * RUGGEDCOM RSG2488NC V5.X - Affected versions: All versions - Remediation: Currently no fix is available See recommendations from section "Workarounds and Mitigations" * RUGGEDCOM RSL910 - Affected versions: All versions < V5.6.0 - Remediation: Update to V5.6.0 or later version See recommendations from section "Workarounds and Mitigations" - Download: https://support.industry.siemens.com/cs/ww/en/view/109806156/ * RUGGEDCOM RSL910NC - Affected versions: All versions - Remediation: Currently no fix is available See recommendations from section "Workarounds and Mitigations" * RUGGEDCOM RST916C - Affected versions: All versions < V5.6.0 - Remediation: Update to V5.6.0 or later version See recommendations from section "Workarounds and Mitigations" - Download: https://support.industry.siemens.com/cs/ww/en/view/109806156/ * RUGGEDCOM RST916P - Affected versions: All versions < V5.6.0 - Remediation: Update to V5.6.0 or later version See recommendations from section "Workarounds and Mitigations" - Download: https://support.industry.siemens.com/cs/ww/en/view/109806156/ * RUGGEDCOM RST2228 - Affected versions: All versions < V5.6.0 - Remediation: Update to V5.6.0 or later version See recommendations from section "Workarounds and Mitigations" - Download: https://support.industry.siemens.com/cs/ww/en/view/109806156/ * RUGGEDCOM RST2228P - Affected versions: All versions < V5.6.0 - Remediation: Update to V5.6.0 or later version See recommendations from section "Workarounds and Mitigations" - Download: https://support.industry.siemens.com/cs/ww/en/view/109806156/ WORKAROUNDS AND MITIGATIONS =========================== Siemens has identified the following specific workarounds and mitigations that customers can apply to reduce the risk: * Restrict access to port 80/tcp and 443/tcp to trusted IP addresses only * Deactivate the webserver if not required, and if deactivation is supported by the product Product-specific remediations or mitigations can be found in the section "Affected Products and Solution". Please follow the "General Security Recommendations". GENERAL SECURITY RECOMMENDATIONS ================================ As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial- security), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity PRODUCT DESCRIPTION =================== RUGGEDCOM ROS-based devices, typically switches and serial-to-Ethernet devices, are used to connect devices that operate in harsh environments such as electric utility substations and traffic control cabinets. VULNERABILITY CLASSIFICATION ============================ The vulnerability classification has been performed by using the CVSS scoring system in version 3.1 (CVSS v3.1) (https://www.first.org/cvss/). The CVSS environmental score is specific to the customer's environment and will impact the overall CVSS score. The environmental score should therefore be individually defined by the customer to accomplish final scoring. An additional classification has been performed using the CWE classification, a community-developed list of common software security weaknesses. This serves as a common language and as a baseline for weakness identification, mitigation, and prevention efforts. A detailed list of CWE classes can be found at: https://cwe.mitre.org/. * Vulnerability CVE-2022-39158 Affected devices improperly handle partial HTTP requests which makes them vulnerable to slowloris attacks. This could allow a remote attacker to create a denial of service condition that persists until the attack ends. CVSS v3.1 Base Score: 5.3 CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C CWE: CWE-400: Uncontrolled Resource Consumption ADDITIONAL INFORMATION ====================== For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories HISTORY DATA ============ V1.0 (2022-09-13): Publication Date V1.1 (2022-11-08): Added mitigations and renamed products to highlight the affected version line V5 V1.2 (2023-04-11): Added missing affected products with no fix planned TERMS OF USE ============ Siemens Security Advisories are subject to the terms and conditions contained in Siemens' underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter "License Terms"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens' Global Website (https://www.siemens.com/terms_of_use, hereinafter "Terms of Use"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use. Copyright: Siemens 2023 -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEHyx/myPwjH9jB9tDlm7gTEmyujQFAmQ0owAACgkQlm7gTEmy ujQ9PA/+L5+RAGeNmNpQ/6xy9R2TLl5tyhiOKU+/HH7I1oMsu35WS0Hc5fxZNE1E OGmHXMB2EyLmH/+oQobN52lx9GNKQzAbztv8KzNyFQ+aGsZ83i1UVJnn3Ik2UEa1 35ASA+3IrR1z0yY3XpQhNLGXP0ZnIE2ULrtZJ1hzf8mNaK5loH18P0R7RvjSBsbh rHGjWx42BUzZAGc3EodezDYcb9rlyPT9LGDnNFDa28KWC98yxHU9nNLq9sqnQ+ID 9fpIJZhJiEAHZhRoPS/oGCKxJnfPiW0LZsZPHdbtxL95zw7l4VgLiJI0C4OUfolN pKZP9fvibtzNHnz7HtfQVlYDoI3eHmlzITQ3CfcRoAWKMLpBTpERt/ZdChaijwzw vMXxsxfM2qt0nFpIdeFkYHrtYT6NnEN4t84mnD7jxGU1l0gEFvo7nX4Boys3YCdW QSCgI26yOQlYa0l1nA0lPELtCcAR9m7oV51lJ8qbql2YTABNZ90KnePsz64nZQy/ XgSA1oyLau5AzEqMbsQQLzzPA3Zkso8lVNEtg1Pr8qaMsmZnHIFbHQFpE7HTaARQ NAYCgixZhnerEHkE1I2yIePhdJhxc9nqfw773Q6LFjMzp8oiKOr2nPb5O7dtFTTC AMKlKoT9EqZAkYcg5agjKOqwf7r6am9ONsbOUIM7F0x/e536f9o= =UQJz -----END PGP SIGNATURE-----