Security flaw with RuggedCom devices
PhreaK
Senior Member
Just a heads up for anyone using any RuggedCom devices (switches, serial -> IP gateways etc) in their systems. There's recently been a rather large security flaw announced in ROS. Basically they've got a backdoor account that can't be modified or disabled. Full info on the Full Disclosure mailing list.
Comments
-
There's recently been a rather large security flaw announced in ROS.
This has been known about for almost 2 years now :P
Naively at first I considered it useful, then I realized what a nightmare it is. Backdoor accounts are good for maintenance and service, but FFS don't base them as a direct result of the MAC, generate a random 64 char password and store it in a private database that is keyed to the MAC on a secured server at RuggedCom HQ!
-
This has been known about for almost 2 years now :P
It's been known for a while, but was only announced on Monday due to lack of action by the vendor.
-
I wonder if this was disclosed to Siemens who bought them just last month.
-
I wonder if this was disclosed to Siemens who bought them just last month.
They probably wouldn't care, since Siemens isn't terribly good about fixing problems in their own logic controllers.