Rewterz penetration testing services help organizations determine if a cyber attacker can gain access to their critical assets while giving them detailed insights of the overall business impact of a cyber attack.
Before Rewterz got its start, the market was in dire need of a specialized and dedicated information security company. It was nearly impossible for businesses to find a trustworthy provider that could truly cover all of their bases. We wanted to meet this need, giving companies across the globe a chance to get ahead while knowing that their data is in good hands.
Rewterz penetration testing services help organizations determine if a cyber attacker can gain access to their critical assets while giving them detailed insights of the overall business impact of a cyber attack.
Before Rewterz got its start, the market was in dire need of a specialized and dedicated information security company. It was nearly impossible for businesses to find a trustworthy provider that could truly cover all of their bases. We wanted to meet this need, giving companies across the globe a chance to get ahead while knowing that their data is in good hands.
Severity
High
Analysis Summary
CVE-2018-5379
The shipped version of the Quagga BGP daemon (bgpd) can double free memory when processing certain forms of UPDATE messages, containing cluster-list and/or unknown attributes. A successful attack could cause a denial of service or allow an attacker to execute arbitrary code.
CVE-2018-5380
The shipped version of the Quagga BGP daemon (bgpd) can overrun internal BGP code-to-string conversion tables used for debug by 1 pointer value, based on input.
The vulnerability could be exploited by an attacker spoofing a malicious BGP code-point. Successful exploitation requires the attacker to be in the position of a configured, trusted BGP peer.
CVE-2018-5381
The shipped version of the Quagga BGP daemon (bgpd) has a bug in its parsing of “Capabilities” in BGP OPEN messages. The parser can enter an infinite loop on invalid capabilities, causing a denial of service.
The vulnerability could be exploited by an attacker spoofing a malicious BGP OPEN message. Successful exploitation requires the attacker to be in the position of a configured, trusted BGP peer.
Impact
Affected Vendors
Siemens
Affected Products
RUGGEDCOM ROX II
Remediation
Vendor has provided firmware update v2.13.0 to fix these vulnerabilities.
The firmware updates for RUGGEDCOM ROX-based devices can be obtained by contacting the RUGGEDCOM support team.
https://support.industry.siemens.com/my/WW/en/requests#createRequest
Siemens has identified the following specific workarounds and mitigation users can apply to reduce the risk: