Siemens RUGGEDCOM ROS设备镜像端口隔离漏洞

发布者:信网处发布时间:2023-08-10浏览次数:97

Siemens RUGGEDCOM ROS设备镜像端口隔离漏洞

RUGGEDCOM基于ros的设备,通常是交换机和串行到以太网设备,用于连接在恶劣环境下运行的设备,如电力变电站和交通控制柜。

一、漏洞分析

 公开日期:2023-07-06

 漏洞编号:CNVD-2023-62028/CVE-2023-24845

 危害等级:高危

 漏洞描述:Siemens RUGGEDCOM ROS设备存在镜像端口隔离漏洞,攻击者可利用该漏洞使用此行为将恶意数据包传输到镜像网络中的系统,从而影响其配置和运行时行为。

二、漏洞影响产品

Siemens RUGGEDCOM i800 <4.3.8

Siemens RUGGEDCOM i800NC <4.3.8

Siemens RUGGEDCOM i801 <4.3.8

Siemens RUGGEDCOM i801NC <4.3.8

Siemens RUGGEDCOM i802 <4.3.8

Siemens RUGGEDCOM i802NC <4.3.8

Siemens RUGGEDCOM i803 <4.3.8

Siemens RUGGEDCOM i803NC <4.3.8

Siemens RUGGEDCOM M969 <4.3.8

Siemens RUGGEDCOM M969F

Siemens RUGGEDCOM M969NC <4.3.8

Siemens RUGGEDCOM M2100 <4.3.8

Siemens RUGGEDCOM M2100F

Siemens RUGGEDCOM M2100NC <4.3.8

Siemens RUGGEDCOM M2200 <4.3.8

Siemens RUGGEDCOM M2200F

Siemens RUGGEDCOM M2200NC <4.3.8

Siemens RUGGEDCOM RMC30 <4.3.8

Siemens RUGGEDCOM RMC30NC <4.3.8

Siemens RUGGEDCOM RMC8388 <4.3.8

Siemens RUGGEDCOM RMC8388 5.*

Siemens RUGGEDCOM RMC8388NC <4.3.8

Siemens RUGGEDCOM RMC8388NC 5.*

Siemens RUGGEDCOM RP110 <4.3.8

Siemens RUGGEDCOM RP110NC <4.3.8

Siemens RUGGEDCOM RS400F

Siemens RUGGEDCOM RS416 <4.3.8

Siemens RUGGEDCOM RS416F

Siemens RUGGEDCOM RS416NC <4.3.8

Siemens RUGGEDCOM RS416NC

Siemens RUGGEDCOM RS416P <4.3.8

Siemens RUGGEDCOM RS416PF

Siemens RUGGEDCOM RS416PNC <4.3.8

Siemens RUGGEDCOM RS416PNC

Siemens RUGGEDCOM RS416Pv2

Siemens RUGGEDCOM RS416v2

Siemens RUGGEDCOM RS900 <4.3.8

Siemens RUGGEDCOM RS900 (32M) <4.3.8

Siemens RUGGEDCOM RS900 (32M) 5.*

Siemens RUGGEDCOM RS900F

Siemens RUGGEDCOM RS900G <4.3.8

Siemens RUGGEDCOM RS900G (32M) <4.3.8

Siemens RUGGEDCOM RS900G (32M) 5.*

Siemens RUGGEDCOM RS900GF

Siemens RUGGEDCOM RS900GNC <4.3.8

Siemens RUGGEDCOM RS900GNC(32M) <4.3.8

Siemens RUGGEDCOM RS900GNC(32M) 5.*

Siemens RUGGEDCOM RS900GP <4.3.8

Siemens RUGGEDCOM RS900GPF

Siemens RUGGEDCOM RS900GPNC <4.3.8

Siemens RUGGEDCOM RS900L <4.3.8

Siemens RUGGEDCOM RS900LNC <4.3.8

Siemens RUGGEDCOM RS900M-GETS-C01 <4.3.8

Siemens RUGGEDCOM RS900M-GETS-XX <4.3.8

Siemens RUGGEDCOM RS900M-STND-C01 <4.3.8

Siemens RUGGEDCOM RS900M-STND-XX <4.3.8

Siemens RUGGEDCOM RS900MNC-GETS-C01 <4.3.8

Siemens RUGGEDCOM RS900MNC-GETS-XX <4.3.8

Siemens RUGGEDCOM RS900MNC-STND-XX <4.3.8

Siemens RUGGEDCOM RS900MNC-STND-XX-C01 <4.3.8

Siemens RUGGEDCOM RS900NC <4.3.8

Siemens RUGGEDCOM RS900NC(32M) <4.3.8

Siemens RUGGEDCOM RS900NC(32M) 5.*

Siemens RUGGEDCOM RS900W <4.3.8

Siemens RUGGEDCOM RS910 <4.3.8

Siemens RUGGEDCOM RS910L <4.3.8

Siemens RUGGEDCOM RS910LNC <4.3.8

Siemens RUGGEDCOM RS910NC <4.3.8

Siemens RUGGEDCOM RS910W <4.3.8

Siemens RUGGEDCOM RS920L <4.3.8

Siemens RUGGEDCOM RS920LNC <4.3.8

Siemens RUGGEDCOM RS920W <4.3.8

Siemens RUGGEDCOM RS930L <4.3.8

Siemens RUGGEDCOM RS930LNC <4.3.8

Siemens RUGGEDCOM RS930W <4.3.8

Siemens RUGGEDCOM RS940G <4.3.8

Siemens RUGGEDCOM RS940GF

Siemens RUGGEDCOM RS940GNC <4.3.8

Siemens RUGGEDCOM RS969 <4.3.8

Siemens RUGGEDCOM RS969NC <4.3.8

Siemens RUGGEDCOM RSG907R

Siemens RUGGEDCOM RSG908C

Siemens RUGGEDCOM RSG909R

Siemens RUGGEDCOM RSG910C

Siemens RUGGEDCOM RSG920P <4.3.8

Siemens RUGGEDCOM RSG920P 5.*

Siemens RUGGEDCOM RSG920PNC <4.3.8

Siemens RUGGEDCOM RSG920PNC 5.*

Siemens RUGGEDCOM RSG2100 <4.3.8

Siemens RUGGEDCOM RSG2100 (32M) <4.3.8

Siemens RUGGEDCOM RSG2100 (32M) 5.*

Siemens RUGGEDCOM RSG2100F

Siemens RUGGEDCOM RSG2100NC <4.3.8

Siemens RUGGEDCOM RSG2100NC(32M) <4.3.8

Siemens RUGGEDCOM RSG2100NC(32M) 5.*

Siemens RUGGEDCOM RSG2100P <4.3.8

Siemens RUGGEDCOM RSG2100PF

Siemens RUGGEDCOM RSG2100PNC <4.3.8

Siemens RUGGEDCOM RSG2200 <4.3.8

Siemens RUGGEDCOM RSG2200F

Siemens RUGGEDCOM RSG2200NC <4.3.8

Siemens RUGGEDCOM RSG2288 <4.3.8

Siemens RUGGEDCOM RSG2288 5.*

Siemens RUGGEDCOM RSG2288NC <4.3.8

Siemens RUGGEDCOM RSG2288NC 5.*

Siemens RUGGEDCOM RSG2300 <4.3.8

Siemens RUGGEDCOM RSG2300 5.*

Siemens RUGGEDCOM RSG2300F

Siemens RUGGEDCOM RSG2300NC <4.3.8

Siemens RUGGEDCOM RSG2300NC 5.*

Siemens RUGGEDCOM RSG2300P <4.3.8

Siemens RUGGEDCOM RSG2300P 5.*

Siemens RUGGEDCOM RSG2300PF

Siemens RUGGEDCOM RSG2300PNC <4.3.8

Siemens RUGGEDCOM RSG2300PNC 5.*

Siemens RUGGEDCOM RSG2488 <4.3.8

Siemens RUGGEDCOM RSG2488 5.*

Siemens RUGGEDCOM RSG2488F

Siemens RUGGEDCOM RSG2488NC <4.3.8

Siemens RUGGEDCOM RSG2488NC 5.*

Siemens RUGGEDCOM RSL910

Siemens RUGGEDCOM RSL910NC

Siemens RUGGEDCOM RST916C

Siemens RUGGEDCOM RST916P

Siemens RUGGEDCOM RST2228

Siemens RUGGEDCOM RST2228P

Siemens RUGGEDCOM RS400

Siemens RUGGEDCOM RS400NC

Siemens RUGGEDCOM RS401

Siemens RUGGEDCOM RS401NC

Siemens RUGGEDCOM RS900

Siemens RUGGEDCOM RS900L

Siemens RUGGEDCOM RS900LNC

Siemens RUGGEDCOM RS900NC

Siemens RUGGEDCOM RS1600

Siemens RUGGEDCOM RS1600F

Siemens RUGGEDCOM RS1600FNC

Siemens RUGGEDCOM RS1600NC

Siemens RUGGEDCOM RS1600T

Siemens RUGGEDCOM RS1600TNC

Siemens RUGGEDCOM RS8000

Siemens RUGGEDCOM RS8000A

Siemens RUGGEDCOM RS8000ANC

Siemens RUGGEDCOM RS8000H

Siemens RUGGEDCOM RS8000HNC

Siemens RUGGEDCOM RS8000NC

Siemens RUGGEDCOM RS8000T

Siemens RUGGEDCOM RS8000TNC

三、漏洞处置建议

厂商已发布了漏洞修复程序,请及时关注更新:

https://cert-portal.siemens.com/productcert/html/ssa-908185.html