Siemens is working on a fix for a remotely exploitable vulnerability in network routers and switches. The vulnerability stems from a hard-coded RSA SSL private key in RuggedCom’s Rugged Operating System (ROS). The vulnerability is similar to flaws in older versions of Microsoft’s Remote Desktop Protocol clients and Terminal Servers. The Department of Homeland Security’s Industrial Control Systems Computer Emergency Response Team (ICS-CERT) issued an alert warning operators of industrial control networks about the problem. The alert urged administrators to ensure that control system devices are not connected directly to the Internet.

