OTPulse
FeedAboutContact

Siemens RUGGEDCOM APE1808

Monitor5.3ICS-CERT ICSA-24-046-08Feb 13, 2024
Attack VectorNetwork
Auth RequiredNone
ComplexityLow
User InteractionNone needed
Summary

A vulnerability in the web management interface of Siemens RUGGEDCOM APE1808 allows an attacker on the network to read sensitive information (configuration data) without providing valid credentials. The vulnerability affects firmware versions before 23.3.0. Siemens has released a patched version and recommends updating to the latest firmware. As a temporary measure, restrict access to the web management interface using firewall rules.

What this means
What could happen
An attacker with network access to the web management interface of a RUGGEDCOM APE1808 could view sensitive configuration or operational data without authentication. This could expose details about your network topology, device settings, or other operational parameters that could inform further attacks.
Who's at risk
Manufacturing facilities using Siemens RUGGEDCOM APE1808 industrial switches, particularly those relying on these switches for network connectivity in production environments or critical infrastructure.
How it could be exploited
An attacker on the network sends HTTP requests to the web management interface of the APE1808. The vulnerability allows reading sensitive information without providing valid credentials. No user interaction is required.
Prerequisites
  • Network access to the web management interface (typically port 80/443)
  • Device running firmware version before 23.3.0
remotely exploitableno authentication requiredlow complexity
Exploitability
Low exploit probability (EPSS 0.2%)
Affected products (1)
ProductAffected VersionsFix Status
RUGGEDCOM APE1808<with Nozomi Guardian / CMC 23.3.023.3.0
Remediation & Mitigation
0/3
Do now
0/1
WORKAROUNDRestrict access to the web management interface using internal firewall rules (limit to trusted engineering/administrative networks only)
Schedule — requires maintenance window
0/1

Patching may require device reboot — plan for process interruption

HOTFIXUpdate RUGGEDCOM APE1808 to firmware version 23.3.0 or later
Long-term hardening
0/1
HARDENINGImplement network segmentation to isolate the APE1808 and limit which hosts can reach the management interface
View full CISA ICS-CERT advisory
↑↓ Navigate · Esc Close
API: /api/v1/advisories/15f1161f-f5bf-43e2-8c27-bd5b506ce53f
Siemens RUGGEDCOM APE1808 | CVSS 5.3 - OTPulse