Rewterz

Rewterz Threat Advisory – ICS : Schneider Electric EcoStruxure and SCADAPack

September 20, 2021
Rewterz

Rewterz Threat Alert – WannaCry Ransomware – Active IOCs

September 20, 2021

Rewterz Threat Advisory – ICS : Siemens RUGGEDCOM ROX

Severity

High

Analysis Summary

CVE-2021-37173

The affected devices have an exposure of sensitive information vulnerability that could allow an authenticated attacker to extract data via Secure Shell (SSH).

CVE-2021-37174

The affected devices have a privilege escalation vulnerability that could allow an attacker to gain root user access.

CVE-2021-37175

The affected devices do not properly handle permissions to traverse the file system. If exploited, an attacker could gain access to an overview of the overview of the complete file system on the affected devices.

Impact

  • Unauthorized Access

Affected Vendors

  • Siemens

Affected Products

  • RUGGEDCOM ROX MX5000: All versions prior to v2.14.1
  • RUGGEDCOM ROX RX1400: All versions prior to v2.14.1
  • RUGGEDCOM ROX RX1500: All versions prior to v2.14.1
  • RUGGEDCOM ROX RX1501: All versions prior to v2.14.1
  • RUGGEDCOM ROX RX1510: All versions prior to v2.14.1
  • RUGGEDCOM ROX RX1511: All versions prior to v2.14.1
  • RUGGEDCOM ROX RX1512: All versions prior to v2.14.1
  • RUGGEDCOM ROX RX1524: All versions prior to v2.14.1
  • RUGGEDCOM ROX RX1536: All versions prior to v2.14.1
  • RUGGEDCOM ROX RX5000: All versions prior to v2.14.1

Remediation

Refer to ICS Advisory for the patch, upgrade, or suggested workaround information.

https://us-cert.cisa.gov/ics/advisories/icsa-21-259-01

Reading this advisory was a good start.

Make it a habit.

Rewterz publishes threat advisories ahead of mainstream cybersecurity media, informed by an AI-Native Autonomous SOC that sees regional threat actor activity in real time. Subscribe to receive each new advisory as it publishes, plus a monthly Middle East threat landscape brief drawn from our own SOC telemetry. For teams evaluating their detection coverage, a 30-minute consultation with a senior analyst is also available, at your pace, when you're ready.