Security Vulnerabilities Fixed in RUGGEDCOM CROSSBOW V5.3
Plan Patch · 8.8 · SSA-320629 · Mar 14, 2023
Attack Vector: Network
Auth Required: Low
Complexity: Low
User Interaction: None needed
Summary
RUGGEDCOM CROSSBOW before V5.3 contains two vulnerabilities (CWE-862: Missing Authorization, CWE-89: SQL Injection) that allow authenticated remote attackers to access unauthorized data or execute arbitrary database queries through SQL injection attacks.
What this means
What could happen
An attacker with valid credentials to RUGGEDCOM CROSSBOW could execute arbitrary database queries to extract sensitive configuration data or modify network settings, potentially disrupting communications on the industrial network.
Who's at risk
Network engineers and OT operations staff managing RUGGEDCOM CROSSBOW devices in industrial networks, including critical infrastructure operators in electric utilities and water treatment facilities who rely on these hardened network switches for communications.
How it could be exploited
An attacker with valid user credentials authenticates to RUGGEDCOM CROSSBOW remotely (network access to the device). Once authenticated, the attacker injects malicious SQL commands into database queries to bypass authorization controls and extract or modify data outside their permission level.
Prerequisites
- Valid user credentials for RUGGEDCOM CROSSBOW
- Network access to RUGGEDCOM CROSSBOW management interface
- Device running RUGGEDCOM CROSSBOW version prior to V5.3
remotely exploitable · requires valid authentication · affects industrial network infrastructure · low complexity attack
Exploitability
Low exploit probability (EPSS 0.4%)
Affected products (1)
Product | Affected Versions | Fix Status
RUGGEDCOM CROSSBOW | < V5.3 | 5.3
Remediation & Mitigation
Schedule — requires maintenance window
Patching may require device reboot — plan for process interruption
HOTFIX: Update RUGGEDCOM CROSSBOW to version 5.3 or later
CVEs (2)