All news with #ruggedcom tag

Siemens RUGGEDCOM TLS and Access Control Vulnerabilities

🔒 Siemens published an advisory (republished by CISA) for multiple vulnerabilities affecting RUGGEDCOM ROS devices, including CVE-2023-52236 and several CVE-2025-4122x issues. The flaws involve risky cryptographic algorithms, improper TLS handshake handling that can cause DoS, and an access-control enforcement failure that persists until reboot. Siemens has released updates (V5.10.0+) for many models and recommends restricting management ports, disabling web/SSH services if unused, and configuring GCM ciphers where applicable. CISA reiterates standard ICS guidance to minimize network exposure and isolate control networks.