Safety & Security
Frauscher PSIRT

We at Frauscher stand for safety in rail transport and individual solutions for our customers. That is why we have introduced a process for security-relevant topics, which helps us to react as quickly as possible to alleged security risks. We work according to a comprehensive approach to secure our products, services and individual solutions. 

For this purpose, we have established our Product Security Incident Response Team (PSIRT). You can reach our experts via the contact options listed at the bottom of the page.

Report potential risk

How does it work?

Reporting

When you report a potential security risk to our experts, you will receive a confirmation from our Product Security Incident Response Team after a careful review.

Expert analysis

The potential risk will be analysed closely by our experts. If desired, you will receive regular status reports on the progress of the analysis.

Implementation

In this step, any necessary immediate measures are implemented, and long-term measures are planned.

Publication

The publication of the results and measures will be available on this page.

Security Advisory

Frauscher Diagnostic System FDS102 for FAdC® R2 and FAdCi R2 configuration upload vulnerability

Publication Date: 28.10.2022

CVE-ID: CVE-2022-3575
CVSS v3.1 Base Score: 9.8
CVSS v3.1 Overall Score: 5.9
CVSS Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C/CR:X/IR:X/AR:X/MAV:A/MAC:X/MPR:X/MUI:X/MS:X/MC:L/MI:L/MA:L
CWE-ID: CWE-434

Summary

  • FDS102 for FAdC® R2 and FAdCi R2 v2.8.0 to v2.9.1 are vulnerable to malicious code upload without authentication by using the configuration upload function. This could lead to a complete compromise of the FDS102 device.

Affected versions:

  • v2.8.0, v2.9.0, v2.9.1

Remediation

  • Update to v2.9.2 or higher

 

Log4j Vulnerability CVE-2021-44228

Published: 15.12.2021

Summary

  • None of our Axle Counters and Wheel Sensors are affected (e.g. FAdC®, ACS2000, RSR110, RSR123, RSR180, ...).
  • None of our diagnostic products are affected (e.g. FDS, RMD, ASD, ...).

 

Contact Frauscher PSIRT

 

You can contact our experts directly with all security-related questions and comments about our products and solutions. You are also welcome to report potential security risks or problems via this channel. Our experts will get back to you as soon as possible. 

PSIRT

Frauscher Sensor Technology