Multiple Vulnerabilities in Fortigate NGFW Before V7.4.4 on RUGGEDCOM APE1808 Devices
Monitor | CVSS 7.5 | SSA-698820 | Jul 9, 2024
Attack Vector: Network
Auth Required: None
Complexity: High
User Interaction: Required
Summary
Multiple vulnerabilities exist in Fortinet NGFW versions before V7.4.4 running on Siemens RUGGEDCOM APE1808 industrial firewalls. These include buffer overflow (CWE-121), cross-site scripting (CWE-79), authentication bypass (CWE-306), and information disclosure issues. An attacker on the network or exploiting user interaction could execute code, access sensitive data, or bypass security controls. Siemens recommends updating to V7.4.4 and implementing Fortinet's upstream workarounds.
What this means
What could happen
An attacker could exploit multiple vulnerabilities in the firewall running on RUGGEDCOM APE1808 devices to bypass authentication, inject malicious code, or disrupt network operations. This could allow unauthorized access to your industrial network or manipulation of traffic to connected control devices.
Who's at risk
Manufacturing facilities using RUGGEDCOM APE1808 industrial firewalls for network segmentation or perimeter protection should prioritize this update. This includes any water utilities or electric facilities that deploy these Siemens devices to protect PLC networks, SCADA systems, or remote terminal units (RTUs) from external or internal threats.
How it could be exploited
An attacker on the network or with user interaction could send specially crafted requests to the Fortigate NGFW interface running on the APE1808. Depending on the specific vulnerability, this could lead to buffer overflow, cross-site scripting, authentication bypass, or information disclosure that exposes sensitive configuration or credentials used to manage industrial equipment.
Prerequisites
- Network access to the RUGGEDCOM APE1808 Fortigate NGFW management interface or traffic processing port
- For some vulnerabilities, user interaction (e.g., an engineer visiting a crafted web page) may be required
- Remotely exploitable
- High CVSS score (7.5)
- Affects network security device protecting industrial systems
- Multiple vulnerability types (buffer overflow, injection, authentication)
Exploitability
Moderate exploit probability (EPSS 4.9%)
Affected products (1)
Product | Affected Versions | Fix Status
RUGGEDCOM APE1808 | All versions | No fix yet
Remediation & Mitigation
Do now
- WORKAROUND: Implement Fortinet's recommended workarounds from their upstream security notifications while awaiting patch deployment
- HARDENING: Restrict network access to the RUGGEDCOM APE1808 management interface to authorized engineering workstations only
Schedule — requires maintenance window
Patching may require device reboot — plan for process interruption
- HOTFIX: Update Fortigate NGFW on RUGGEDCOM APE1808 to version V7.4.4 or later
- HOTFIX: Contact Siemens customer support for patch delivery and coordinate with your operations team to schedule the firmware update during a maintenance window
CVEs (14)