OTPulse

Vulnerability in Nozomi Guardian/CMC Before 24.3.1 on RUGGEDCOM APE1808 Devices

Monitor | CVSS 6 | SSA-254396 | Oct 8, 2024
Attack Vector: Network
Auth Required: Low
Complexity: High
User Interaction: None needed
Summary

Nozomi Networks identified vulnerabilities in Nozomi Guardian/CMC before version 24.2.0 affecting Siemens RUGGEDCOM APE1808 industrial network switches. The vulnerability is an authorization flaw (CWE-863) that allows authenticated users with lower privileges to gain unauthorized elevated access within the Guardian/CMC management platform. This could enable unauthorized modification of monitoring policies, access to configuration data, or interference with network visibility across connected OT devices. The affected products are RUGGEDCOM APE1808LNX and RUGGEDCOM APE1808LNX CC switches.

What this means
What could happen
An authenticated user with lower privileges could gain elevated access to the Guardian/CMC monitoring platform, potentially allowing unauthorized modification of network monitoring rules or access to sensitive plant data across multiple systems in a manufacturing environment.
Who's at risk
Manufacturing plants and critical infrastructure operators using RUGGEDCOM APE1808 switches with Nozomi Guardian/CMC for network monitoring and management. This affects any facility relying on these Siemens ruggedized network devices for OT visibility and access control.
How it could be exploited
An attacker with a standard user account on the RUGGEDCOM APE1808 device could exploit an authorization bypass vulnerability in the Nozomi Guardian/CMC software to escalate privileges. This would require the attacker to already have network access to the device and valid user credentials, but would not require any special user interaction once authenticated.
Prerequisites
  • Valid user account credentials for Nozomi Guardian/CMC
  • Network connectivity to the RUGGEDCOM APE1808 device on the port running Guardian/CMC
  • Low privileges sufficient to trigger the authorization bypass
  • Authorization bypass vulnerability (CWE-863)
  • Requires authentication but allows privilege escalation
  • Affects monitoring and control platform access
  • Medium CVSS score (6.0)
  • Low exploit probability (0.2%)
  • No patch available for the base RUGGEDCOM APE1808LNX devices themselves
Exploitability
Low exploit probability (EPSS 0.2%)
Affected products (2)
2 EOL
Product | Affected Versions | Fix Status
RUGGEDCOM APE1808LNX | All versions | No fix (EOL)
RUGGEDCOM APE1808LNX CC | All versions | No fix (EOL)
Remediation & Mitigation
Do now
  • HOTFIX: Contact Siemens customer support to obtain and validate the Guardian/CMC patch before deployment
  • HARDENING: Restrict network access to RUGGEDCOM APE1808 devices to trusted engineering networks only using firewall rules or network segmentation
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

  • HOTFIX: Upgrade Nozomi Guardian / CMC to version 24.3.1 or later
  • HARDENING: Review user access and privileges on Nozomi Guardian/CMC; remove unnecessary user accounts and apply the principle of least privilege