CVE-2013-6926

Siemens RuggedCom ROS < 3.12.2 - Authenticated Authorization Bypass via Guest or Operator Account

Title source: llm

Description

The integrated HTTPS server in Siemens RuggedCom ROS before 3.12.2 allows remote authenticated users to bypass intended restrictions on administrative actions by leveraging access to a (1) guest or (2) operator account.

References (2)

Core 2

Core References

Third Party Advisory, US Government Resource x_refsource_misc

http://ics-cert.us-cert.gov/advisories/ICSA-13-340-01

Broken Link, Vendor Advisory x_refsource_confirm

http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-324789.pdf

Scores

EPSS 0.0027

EPSS Percentile 50.0%

Details

CWE

CWE-863

Status published

Products (1)

siemens/ruggedcom_rugged_operating_system < 3.12.2

Published Dec 17, 2013

Tracked Since Feb 18, 2026