CVE-2021-42016 | Siemens RUGGEDCOM ROS M2100 up to 5.5.x Private Key timing discrepancy (ssa-256353)
A vulnerability was found in Siemens RUGGEDCOM ROS M2100, RUGGEDCOM ROS RMC8388, RUGGEDCOM ROS RS416v2, RUGGEDCOM ROS RS900G, RUGGEDCOM ROS RS900G, RUGGEDCOM ROS RSG2100, RUGGEDCOM ROS RSG2100P, RUGGEDCOM ROS RSG2100P, RUGGEDCOM ROS RSG2288, RUGGEDCOM ROS RSG2300, RUGGEDCOM ROS RSG2300P, RUGGEDCOM ROS RSG2488, RUGGEDCOM ROS RSG900, RUGGEDCOM ROS RSG920P, RUGGEDCOM ROS RSL910, RUGGEDCOM ROS RST2228, RUGGEDCOM ROS RST916C and RUGGEDCOM ROS RST916P up to 5.5.x. It has been classified as problematic. This affects an unknown part of the component Private Key Handler. The manipulation leads to observable timing discrepancy.
This vulnerability is uniquely identified as CVE-2021-42016. The attack can only be initiated within the local network. There is no exploit available.
It is recommended to upgrade the affected component.