all InfoSec news
SSA-764417 V1.7 (Last Update: 2023-03-14): Weak Encryption Vulnerability in RUGGEDCOM ROS Devices
Siemens ProductCERT Security Advisories cert-portal.siemens.com
The SSH server on RUGGEDCOM ROS devices is configured to offer weak ciphers by default. This could allow an unauthorized attacker in a man-in-the-middle position to read and modify any data passed over the connection between legitimate clients and the affected device.
Siemens has released updates for the affected products and recommends to update to the latest versions.
attacker ciphers clients data default device devices encryption man-in-the-middle offer ros ruggedcom server siemens ssa ssh unauthorized update updates vulnerability