Vulnerabilities > CVE-2012-1803 - Cryptographic Issues vulnerability in Siemens Ruggedcom Rugged Operating System

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
siemens
CWE-310
exploit available
metasploit

Summary

RuggedCom Rugged Operating System (ROS) 3.10.x and earlier has a factory account with a password derived from the MAC Address field in the banner, which makes it easier for remote attackers to obtain access by performing a calculation on this address value, and then establishing a (1) TELNET, (2) remote shell (aka rsh), or (3) serial-console session.

Common Weakness Enumeration (CWE)

Common Attack Pattern Enumeration and Classification (CAPEC)

  • Signature Spoofing by Key Recreation
    An attacker obtains an authoritative or reputable signer's private signature key by exploiting a cryptographic weakness in the signature algorithm or pseudorandom number generation and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.

Exploit-Db

descriptionRuggedCom Devices Backdoor Access. CVE-2012-1803,CVE-2012-2441. Remote exploit for hardware platform
fileexploits/hardware/remote/18779.txt
idEDB-ID:18779
last seen2016-02-02
modified2012-04-24
platformhardware
port
published2012-04-24
reporterjc
sourcehttps://www.exploit-db.com/download/18779/
titleRuggedCom Devices Backdoor Access
typeremote

Metasploit

descriptionThis module will calculate the password for the hard-coded hidden username "factory" in the RuggedCom Rugged Operating System (ROS). The password is dynamically generated based on the devices MAC address.
idMSF:AUXILIARY/SCANNER/TELNET/TELNET_RUGGEDCOM
last seen2019-11-27
modified2017-07-24
published2012-05-13
referenceshttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1803
reporterRapid7
sourcehttps://github.com/rapid7/metasploit-framework/blob/master//modules/auxiliary/scanner/telnet/telnet_ruggedcom.rb
titleRuggedCom Telnet Password Generator

Packetstorm

data sourcehttps://packetstormsecurity.com/files/download/112149/ruggedcom-backdoor.txt
idPACKETSTORM:112149
last seen2016-12-05
published2012-04-24
reporterjc
sourcehttps://packetstormsecurity.com/files/112149/RuggedCom-Device-Undocumented-Backdoor.html
titleRuggedCom Device Undocumented Backdoor