all InfoSec news
SSA-256353 V1.0: Third-Party Component Vulnerabilities in RUGGEDCOM ROS
Siemens ProductCERT Security Advisories cert-portal.siemens.com
Multiple vulnerabilities affect various third-party components of the RUGGEDCOM ROS, and a cross-site scripting exploit. If exploited, an attacker could cause a denial-of-service, act as a man-in-the-middle or retrieval of sensitive information or gain privileged functions.
Siemens is preparing updates and recommends countermeasures for products where updates are not, or not yet available.
act attacker components component vulnerabilities countermeasures cross-site exploit exploited functions information man-in-the-middle party privileged products ros ruggedcom scripting sensitive sensitive information service siemens ssa third third-party updates vulnerabilities