Today the DHS
ICS-CERT published a more than slightly delayed alert
about a serious vulnerability in various network devices from RuggedCom. The vulnerability
was reported (in an attempted coordinated disclosure) by Justin W. Clarke.
Justin reported that:
“An undocumented backdoor account
exists within all released versions of RuggedCom's Rugged Operating System
(ROS®). The username for the account,
which cannot be disabled, is ‘factory’ and its password is dynamically
generated based on the device's MAC address.”
The Advisory briefly notes that there was “an attempted
but unsuccessful coordination with the vendor”, but there is a more detailed description
of the apparent failure of RuggedCom to adequately respond to the disclosure.
Unusually for an alert, ICS-CERT is reporting RuggedCom's
recommendation for “customers to disable the
rsh (remote shell) service and set the number of Telnet connections allowed to
0”, but ICS-CERT also notes that it has not verified that this
resolves the vulnerability.