CVE-2023-52236 in RUGGEDCOM i800info

Summary

by MITRE • 07/08/2025

A vulnerability has been identified in RUGGEDCOM i800 (All versions), RUGGEDCOM i801 (All versions), RUGGEDCOM i802 (All versions), RUGGEDCOM i803 (All versions), RUGGEDCOM M2100 (All versions), RUGGEDCOM M2200 (All versions), RUGGEDCOM M969 (All versions), RUGGEDCOM RMC30 (All versions), RUGGEDCOM RMC8388 V4.X (All versions), RUGGEDCOM RMC8388 V5.X (All versions < V5.10.0), RUGGEDCOM RP110 (All versions), RUGGEDCOM RS1600 (All versions), RUGGEDCOM RS1600F (All versions), RUGGEDCOM RS1600T (All versions), RUGGEDCOM RS400 (All versions), RUGGEDCOM RS401 (All versions), RUGGEDCOM RS416 (All versions), RUGGEDCOM RS416P (All versions), RUGGEDCOM RS416Pv2 V4.X (All versions), RUGGEDCOM RS416Pv2 V5.X (All versions < V5.10.0), RUGGEDCOM RS416v2 V4.X (All versions), RUGGEDCOM RS416v2 V5.X (All versions < V5.10.0), RUGGEDCOM RS8000 (All versions), RUGGEDCOM RS8000A (All versions), RUGGEDCOM RS8000H (All versions), RUGGEDCOM RS8000T (All versions), RUGGEDCOM RS900 (All versions), RUGGEDCOM RS900 (32M) V4.X (All versions), RUGGEDCOM RS900 (32M) V5.X (All versions < V5.10.0), RUGGEDCOM RS900G (All versions), RUGGEDCOM RS900G (32M) V4.X (All versions), RUGGEDCOM RS900G (32M) V5.X (All versions < V5.10.0), RUGGEDCOM RS900GP (All versions), RUGGEDCOM RS900L (All versions), RUGGEDCOM RS900M-GETS-C01 (All versions), RUGGEDCOM RS900M-GETS-XX (All versions), RUGGEDCOM RS900M-STND-C01 (All versions), RUGGEDCOM RS900M-STND-XX (All versions), RUGGEDCOM RS900W (All versions), RUGGEDCOM RS910 (All versions), RUGGEDCOM RS910L (All versions), RUGGEDCOM RS910W (All versions), RUGGEDCOM RS920L (All versions), RUGGEDCOM RS920W (All versions), RUGGEDCOM RS930L (All versions), RUGGEDCOM RS930W (All versions), RUGGEDCOM RS940G (All versions), RUGGEDCOM RS969 (All versions), RUGGEDCOM RSG2100 (All versions), RUGGEDCOM RSG2100 (32M) V4.X (All versions), RUGGEDCOM RSG2100 (32M) V5.X (All versions < V5.10.0), RUGGEDCOM RSG2100P (All versions), RUGGEDCOM RSG2100P (32M) V4.X (All versions), RUGGEDCOM RSG2100P (32M) V5.X (All versions < V5.10.0), RUGGEDCOM RSG2200 (All versions), RUGGEDCOM RSG2288 V4.X (All versions), RUGGEDCOM RSG2288 V5.X (All versions < V5.10.0), RUGGEDCOM RSG2300 V4.X (All versions), RUGGEDCOM RSG2300 V5.X (All versions < V5.10.0), RUGGEDCOM RSG2300P V4.X (All versions), RUGGEDCOM RSG2300P V5.X (All versions < V5.10.0), RUGGEDCOM RSG2488 V4.X (All versions), RUGGEDCOM RSG2488 V5.X (All versions < V5.10.0), RUGGEDCOM RSG907R (All versions < V5.10.0), RUGGEDCOM RSG908C (All versions < V5.10.0), RUGGEDCOM RSG909R (All versions < V5.10.0), RUGGEDCOM RSG910C (All versions < V5.10.0), RUGGEDCOM RSG920P V4.X (All versions), RUGGEDCOM RSG920P V5.X (All versions < V5.10.0), RUGGEDCOM RSL910 (All versions < V5.10.0), RUGGEDCOM RST2228 (All versions < V5.10.0), RUGGEDCOM RST2228P (All versions < V5.10.0), RUGGEDCOM RST916C (All versions < V5.10.0), RUGGEDCOM RST916P (All versions < V5.10.0). The affected products support insecure cryptographic algorithms. An attacker could leverage these legacy algorithms to achieve a man-in-the-middle attack or impersonate communicating parties.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Analysis

by VulDB Data Team • 07/08/2025

This vulnerability affects a wide range of ruggedized networking equipment from RUGGEDCOM, spanning multiple product lines including i800, M2100, RMC30, RS400, RS900, RSG2100, and others. The core issue lies in the implementation of insecure cryptographic algorithms that have been deprecated due to known security weaknesses and vulnerabilities. These devices utilize legacy encryption methods that fail to provide adequate protection against modern cryptographic attacks. The vulnerability is classified under CWE-327, which specifically addresses the use of weak or broken cryptographic algorithms, making it a critical concern for network security infrastructure.

The technical flaw manifests in how these devices handle secure communications, particularly in their implementation of cryptographic protocols and algorithms. When devices rely on outdated or weak cryptographic methods, they become susceptible to man-in-the-middle attacks where an attacker can intercept, modify, or forge communications between legitimate parties. This weakness allows adversaries to potentially decrypt sensitive information, impersonate authorized systems, or disrupt network communications entirely. The impact extends beyond individual device compromise to potentially affect entire network infrastructures that depend on these secure communication channels for operational integrity.

From an operational perspective, this vulnerability creates significant risks for industrial control systems, critical infrastructure networks, and secure communication deployments where RUGGEDCOM devices are utilized. Organizations relying on these devices for secure remote access, configuration management, or data transmission face potential unauthorized access and data compromise. The vulnerability affects all versions of the listed products, indicating a widespread issue that requires immediate attention across multiple deployment scenarios. Network defenders must consider that these devices may be targeted by threat actors seeking to establish persistent access points within secured environments.

The mitigation strategy should prioritize immediate firmware updates from RUGGEDCOM to address the cryptographic weaknesses. Organizations should also implement network segmentation and monitoring to detect potential exploitation attempts. Additional defensive measures include disabling or restricting the use of vulnerable cryptographic protocols where possible, implementing network access controls, and establishing continuous monitoring for unusual communication patterns. This vulnerability aligns with ATT&CK technique T1071.004 for application layer protocol: DNS and T1566 for credential harvesting through man-in-the-middle attacks. Organizations should also conduct comprehensive inventory assessments to identify all affected devices and implement remediation plans prioritized by risk exposure levels. The vulnerability represents a significant gap in network security infrastructure that requires immediate attention to prevent potential exploitation by adversaries seeking to compromise critical communications systems.

Responsible

Siemens

Reservation

12/29/2023

Disclosure

07/08/2025

Moderation

accepted

CPE

ready

EPSS

0.00174

KEV

no

Activities

very low

Sources

Want to stay up to date on a daily basis?

Enable the mail alert feature now!