CVE-2015-7836
low
CVSS v3
—
CVSS v2
3.3
VIR risk
3.3
Description
Siemens RUGGEDCOM ROS before 4.2.1 allows remote attackers to obtain sensitive information by sniffing the network for VLAN data within the padding section of an Ethernet frame.
Predictions
Exploit likelihood
20%
Patch ETA
—
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
Vendor advisory: cve@mitre.org — http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-921524.pdf
References
- http://www.securitytracker.com/id/1033973
- http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-921524.pdf
- https://ics-cert.us-cert.gov/advisories/ICSA-15-300-01
- http://www.securitytracker.com/id/1033973
- http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-921524.pdf
- https://ics-cert.us-cert.gov/advisories/ICSA-15-300-01
CWEs
CWE-200
Verify integrity in audit chain (admin only). AS-IS.