Executive Summary

Informations
Name CVE-2012-1803 First vendor Publication 2012-04-27
Vendor Cve Last vendor Modification 2024-11-21

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:S/C:C/I:C/A:C)
Cvss Base Score 8.5 Attack Range Network
Cvss Impact Score 10 Attack Complexity Medium
Cvss Expoit Score 6.8 Authentication Requires single instance
Calculate full CVSS 2.0 Vectors scores

Detail

RuggedCom Rugged Operating System (ROS) 3.10.x and earlier has a factory account with a password derived from the MAC Address field in the banner, which makes it easier for remote attackers to obtain access by performing a calculation on this address value, and then establishing a (1) TELNET, (2) remote shell (aka rsh), or (3) serial-console session.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1803

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-310 Cryptographic Issues

CPE : Common Platform Enumeration

TypeDescriptionCount
Os 11

ExploitDB Exploits

id Description
2012-04-24 RuggedCom Devices Backdoor Access

OpenVAS Exploits

Date Description
2012-06-21 Name : Rugged Operating System Backdoor Unauthorized Access Vulnerability
File : nvt/gb_rugged_operating_system_53215.nasl

Snort® IPS/IDS

Date Description
2014-01-10 RuggedCom default backdoor login attempt
RuleID : 21938 - Revision : 6 - Type : PROTOCOL-TELNET

Sources (Detail)

http://archives.neohapsis.com/archives/bugtraq/2012-04/0186.html
http://arstechnica.com/business/news/2012/04/backdoor-in-mission-critical-har...
http://ics-cert.us-cert.gov/advisories/ICSA-12-146-01A
http://seclists.org/fulldisclosure/2012/Apr/277
http://www.exploit-db.com/exploits/18779
http://www.kb.cert.org/vuls/id/889195
http://www.kb.cert.org/vuls/id/MAPG-8RCPEN
http://www.ruggedcom.com/productbulletin/ros-security-page/
http://www.securityfocus.com/bid/53215
http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-12-116-01A.pdf
http://www.wired.com/threatlevel/2012/04/ruggedcom-backdoor/
https://exchange.xforce.ibmcloud.com/vulnerabilities/75120
Source Url

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
9
10
11
12
13
14
Date Informations
2024-11-28 23:02:09
  • Multiple Updates
2024-11-28 12:29:30
  • Multiple Updates
2022-02-03 01:11:37
  • Multiple Updates
2022-02-02 12:11:32
  • Multiple Updates
2021-05-04 12:19:38
  • Multiple Updates
2021-04-22 01:23:20
  • Multiple Updates
2020-05-23 13:16:59
  • Multiple Updates
2020-05-23 01:48:32
  • Multiple Updates
2020-05-23 00:33:21
  • Multiple Updates
2017-12-14 09:21:25
  • Multiple Updates
2017-11-22 09:22:04
  • Multiple Updates
2014-01-19 21:28:36
  • Multiple Updates
2013-05-21 17:18:45
  • Multiple Updates
2013-05-10 22:36:47
  • Multiple Updates
2012-12-19 13:25:07
  • Multiple Updates