Unrated severityNVD Advisory· Published Aug 3, 2015· Updated Jun 17, 2026
CVE-2015-5537
CVE-2015-5537
Description
The SSL layer of the HTTPS service in Siemens RuggedCom ROS before 4.2.0 and ROX II does not properly implement CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, a different vulnerability than CVE-2014-3566.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4- cpe:2.3:o:siemens:ruggedcom_rox_ii_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:ruggedcom_rugged_operating_system:*:*:*:*:*:*:*:*Range: <4.2.0
- Range: <4.2.0
Patches
Vulnerability mechanics
References
3- www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-396873.pdfnvdBroken LinkPatchVendor Advisory
- www.securitytracker.com/id/1033022nvdBroken LinkThird Party AdvisoryVDB Entry
- ics-cert.us-cert.gov/advisories/ICSA-15-202-03AnvdBroken LinkThird Party AdvisoryUS Government Resource
News mentions
0No linked articles in our index yet.