Vulnerability in Nozomi Guardian/CMC on RUGGEDCOM APE1808 Devices

Plan Patch8.9SSA-827968Jan 13, 2026

Attack VectorNetwork

Auth RequiredLow

ComplexityLow

User InteractionRequired

Summary

Nozomi Networks disclosed vulnerabilities in the Guardian/CMC management interface affecting Siemens RUGGEDCOM APE1808 devices. The vulnerabilities allow injection attacks (CWE-79, CWE-22) that could lead to code execution, data theft, or denial of service. Siemens has not yet released patches and recommends implementing compensating controls until fixes are available.

What this means

What could happen

An authenticated user could exploit vulnerabilities in the Guardian/CMC management interface on RUGGEDCOM APE1808 devices to inject malicious code or access sensitive data, potentially compromising the integrity and availability of network management functions for industrial sites.

Who's at risk

Manufacturing plants using RUGGEDCOM APE1808 industrial network devices for critical infrastructure management. This affects IT/OT network administrators and site operations staff who depend on the Guardian/CMC interface to manage industrial Ethernet switching and redundancy.

How it could be exploited

An attacker with valid credentials to the Guardian/CMC interface (or who obtains them) could inject malicious input through the web interface due to insufficient input validation (CWE-79, CWE-22). The attacker could execute arbitrary code on the management device or read protected files, affecting the ability to monitor and control connected RUGGEDCOM industrial devices.

Prerequisites

Valid login credentials to the Guardian/CMC interface
Network access to the RUGGEDCOM APE1808 management port (typically HTTP/HTTPS)
User interaction (the CVSS vector includes UI:R, indicating a user must perform an action)

Remotely exploitableRequires valid credentialsNo patch available yetAffects network management devices that control industrial traffic

Exploitability

Low exploit probability (EPSS 0.1%)

Affected products (1)

ProductAffected VersionsFix Status

RUGGEDCOM APE1808All versionsNo fix (EOL)

Remediation & Mitigation

0/4

Do now

0/1

WORKAROUNDRestrict network access to the Guardian/CMC management interface using firewall rules; allow access only from trusted engineering workstations and management networks

Schedule — requires maintenance window

0/1

Patching may require device reboot — plan for process interruption

HOTFIXContact Siemens customer support to obtain patch and update information for RUGGEDCOM APE1808 devices

Mitigations - no patch available

0/2

RUGGEDCOM APE1808 has reached End of Life. The vendor will not release a patch. Apply the following compensating controls:

HARDENINGImplement network segmentation to isolate RUGGEDCOM APE1808 devices and their management traffic from untrusted networks

HARDENINGMonitor access logs to the Guardian/CMC interface for unauthorized login attempts or suspicious activity

CVEs (4)

CVE-2025-40891 CVE-2025-40892 CVE-2025-40893 CVE-2025-40898

View full Siemens ProductCERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/89d45e6e-31ac-4f4b-817d-09b9c17b7e67