OTPulse

Multiple Vulnerabilities in Nozomi Guardian/CMC before 22.6.3 and 23.1.0 on RUGGEDCOM APE1808 devices

Plan Patch · CVSS 8.1 · SSA-292063 · Nov 14, 2023
Attack Vector: Network
Auth Required: None
Complexity: High
User Interaction: None needed
Summary

Nozomi Guardian/CMC software running on RUGGEDCOM APE1808 devices contains SQL injection (CWE-89) and improper input validation (CWE-20) vulnerabilities. These flaws allow remote attackers to manipulate database queries or inject malicious input, potentially compromising the integrity and confidentiality of industrial network monitoring and control data. The vulnerabilities affect all versions before V22.6.3 and V23.1.0.

What this means
What could happen
An attacker with network access could inject malicious SQL commands or send specially crafted input to the Nozomi Guardian/CMC software on RUGGEDCOM APE1808 devices, potentially gaining unauthorized access to configuration data, monitoring information, or control functions on connected industrial network equipment.
Who's at risk
Manufacturing facilities using Siemens RUGGEDCOM APE1808 devices with Nozomi Guardian or CMC software for network monitoring and asset management. This includes water/wastewater treatment plants, electric utilities, and industrial process control networks that rely on these devices for visibility and management of industrial switches and control systems.
How it could be exploited
An attacker on the network sends crafted requests to the Nozomi Guardian/CMC web interface or API (port 443 or 8443 typically) containing SQL injection or input validation bypass payloads. The vulnerable software processes the request without proper sanitization, allowing the attacker to extract sensitive data or modify system behavior.
Prerequisites
  • Network access to the RUGGEDCOM APE1808 device on ports used by Nozomi Guardian/CMC (typically 443 or 8443)
  • Nozomi Guardian/CMC version before 22.6.3 or 23.1.0 installed on the device
  • No authentication required to trigger the vulnerability
remotely exploitable · no authentication required · low complexity · high CVSS score (8.1) · affects network monitoring and control visibility
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (1)
Product: RUGGEDCOM APE1808
Affected Versions: All versions with Nozomi Guardian / CMC before V22.6.3 or 23.1.0
Fix Status: No fix yet
Remediation & Mitigation
Do now
WORKAROUND: Restrict network access to the RUGGEDCOM APE1808 device to trusted engineering workstations and management networks using firewall rules
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

HOTFIX: Upgrade Nozomi Guardian / CMC to version 23.4.1 or later
Long-term hardening
HARDENING: Implement network segmentation to isolate RUGGEDCOM APE1808 devices from untrusted networks and limit east-west communication