Multiple Vulnerabilities in Fortigate NGFW Before V7.4.7 on RUGGEDCOM APE1808 Devices
Act Now | CVSS 9.8 | SSA-770770 | Feb 11, 2025
Attack Vector: Network
Auth Required: None
Complexity: Low
User Interaction: None needed
Summary
Multiple critical vulnerabilities exist in FortiOS running on Siemens RUGGEDCOM APE1808 industrial firewalls. The vulnerabilities allow unauthenticated remote attackers to execute arbitrary code, cause denial of service, and compromise system integrity without user interaction. The issues affect all versions of RUGGEDCOM APE1808.
What this means
What could happen
An attacker could remotely execute arbitrary code on your industrial firewall without authentication, potentially gaining full control of network traffic inspection and allowing unauthorized access to or disruption of critical manufacturing processes and control networks.
Who's at risk
Manufacturing facilities and utilities using RUGGEDCOM APE1808 industrial firewalls for network perimeter protection and control system segregation. This includes any organization using this device as a critical gateway between enterprise and operational technology networks.
How it could be exploited
An attacker on the network can send crafted network packets to the firewall's management or data plane ports. The firewall will process these packets without requiring authentication or user interaction, allowing the attacker to execute code with full system privileges.
Prerequisites
- Network access to the RUGGEDCOM APE1808 firewall (management or data plane interface)
- No valid credentials required
- No special configuration required
- Remotely exploitable
- No authentication required
- Low complexity attack
- Actively exploited in the wild (KEV)
- Extremely high exploit probability (94% EPSS)
- Critical CVSS score (9.8)
- Affects network security infrastructure protecting control systems
Exploitability
Actively exploited — confirmed by CISA KEV
Affected products (1)
Product | Affected Versions | Fix Status
RUGGEDCOM APE1808 | All versions | 7.4.7
Remediation & Mitigation
Do now
- HOTFIX: Update FortiOS firmware to version 7.4.7 or later on all RUGGEDCOM APE1808 devices
- HOTFIX: Contact Siemens and Fortinet customer support immediately to obtain and verify firmware patches
- WORKAROUND: Restrict network access to firewall management interfaces using access control lists and firewalls until patches are applied
Long-term hardening
- HARDENING: Segment industrial networks so firewall compromise does not expose all control systems
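Added example (not part of the Siemens advisory or any vendor tooling): a fleet triage helper that checks collected FortiOS status output against the 7.4.7 fix version named above. It assumes the `Version:` line format of `get system status`; the device names, model string and build numbers are constructed sample data.

```python
import re

FIXED = (7, 4, 7)  # fix version stated in this advisory

# Assumed shape of the line: "Version: <model> v<major>.<minor>.<patch>,build..."
VERSION_RE = re.compile(r"^Version:\s*\S+\s+v(\d+)\.(\d+)\.(\d+)", re.MULTILINE)


def parse_version(status_text):
    """Return (major, minor, patch) from status output, or None if absent."""
    match = VERSION_RE.search(status_text)
    return tuple(int(part) for part in match.groups()) if match else None


def triage(inventory):
    """Map each device name to 'patched', 'vulnerable' or 'unknown'."""
    result = {}
    for name, status_text in inventory.items():
        version = parse_version(status_text)
        if version is None:
            # No parsable version: treat as unpatched until verified by hand.
            result[name] = "unknown"
        elif version >= FIXED:
            # Integer tuple comparison, so 7.4.10 correctly sorts after 7.4.7
            # (a plain string comparison would get this wrong).
            result[name] = "patched"
        else:
            result[name] = "vulnerable"
    return result


# Constructed sample inventory: device name -> captured status output.
SAMPLE = {
    "ape1808-plant-a": "Version: FortiGate-VM64 v7.4.3,build0000,000000 (GA)\n",
    "ape1808-plant-b": "Version: FortiGate-VM64 v7.4.7,build0000,000000 (GA)\n",
    "ape1808-substation": "Version: FortiGate-VM64 v7.4.10,build0000,000000 (GA)\n",
    "ape1808-lab": "login timeout\n",
}

if __name__ == "__main__":
    for device, state in sorted(triage(SAMPLE).items()):
        print(f"{device}: {state}")
```

Devices reported as "unknown" belong on the same priority list as "vulnerable" ones until their firmware version is confirmed.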
CVEs (30)
CVE-2022-42475, CVE-2023-27997, CVE-2024-3596, CVE-2024-21762, CVE-2024-26013, CVE-2024-35279, CVE-2024-36504, CVE-2024-40591, CVE-2024-45324, CVE-2024-46665, CVE-2024-46666, CVE-2024-46668, CVE-2024-46669, CVE-2024-46670, CVE-2024-47569, CVE-2024-48884, CVE-2024-48885, CVE-2024-48886, CVE-2024-50563, CVE-2024-50565, CVE-2024-50571, CVE-2024-52965, CVE-2024-54021, CVE-2025-22251, CVE-2025-22252, CVE-2025-22254, CVE-2025-22258, CVE-2025-25252, CVE-2025-58325, CVE-2025-68686