Multiple Vulnerabilities in Fortigate NGFW Before V7.4.3 on RUGGEDCOM APE1808 Devices
Act Now | 9.8 | SSA-832273 | Mar 12, 2024
Attack Vector: Network
Auth Required: None
Complexity: Low
User Interaction: None needed
Summary
Multiple vulnerabilities exist in Fortinet NGFW versions before 7.4.3 deployed on Siemens RUGGEDCOM APE1808 industrial network appliances. The vulnerabilities span multiple CWE categories including improper input validation (CWE-134), buffer overflows (CWE-122, CWE-787, CWE-121), insecure authentication (CWE-287, CWE-295), and insufficient access controls (CWE-285, CWE-639). These flaws allow remote attackers to execute arbitrary code without authentication, modify security policies, and compromise network confidentiality and integrity.
What this means
What could happen
An attacker could remotely execute arbitrary commands on the RUGGEDCOM APE1808 network appliance without authentication, potentially compromising the industrial network's integrity, confidentiality, and availability. This could allow unauthorized access to critical infrastructure data, interception of communications, or disruption of network connectivity for manufacturing operations.
Who's at risk
Manufacturing facilities and critical infrastructure operators using RUGGEDCOM APE1808 industrial network appliances (firewall/gateway devices) should prioritize this vulnerability. Any organization relying on this Siemens device to protect industrial networks, including utilities, discrete manufacturing, and process control environments, is affected regardless of firmware version.
How it could be exploited
An attacker on the network can send a specially crafted request to the Fortigate NGFW running on the RUGGEDCOM APE1808. The vulnerability chain (involving improper input validation, buffer overflows, and privilege escalation flaws) allows remote code execution without requiring authentication or user interaction. Once code execution is achieved, the attacker can modify firewall rules, inspect traffic, or pivot into the industrial control network protected by this appliance.
Prerequisites
- Network access to the RUGGEDCOM APE1808 appliance (typically on management/gateway network)
- Remotely exploitable
- No authentication required
- Low complexity attack
- Actively exploited (KEV)
- 94.4% exploit probability (high EPSS)
- Affects network security controls protecting OT systems
- Critical CVSS 9.8
Exploitability
Actively exploited — confirmed by CISA KEV
Affected products (1)
| Product | Affected Versions | Fix Status |
| --- | --- | --- |
| RUGGEDCOM APE1808 | All versions | 7.4.3 |
Remediation & Mitigation
Do now
- HOTFIX: Update RUGGEDCOM APE1808 Fortigate NGFW firmware to version 7.4.3 or later
- HARDENING: If immediate patching is not possible, implement network segmentation to restrict access to the RUGGEDCOM APE1808 management interfaces to authorized administrative networks only
- HARDENING: Enable logging and monitoring on all connections to the RUGGEDCOM APE1808 to detect suspicious activity
- WORKAROUND: Contact Siemens customer support to confirm patch availability and deployment timeline for your specific firmware version
CVEs (30)
CVE-2022-23439, CVE-2022-45862, CVE-2023-36640, CVE-2023-38545, CVE-2023-38546, CVE-2023-40721, CVE-2023-41677, CVE-2023-42785, CVE-2023-42786, CVE-2023-42789, CVE-2023-42790, CVE-2023-44247, CVE-2023-44250, CVE-2023-44487, CVE-2023-45583, CVE-2023-45586, CVE-2023-46714, CVE-2023-46715, CVE-2023-46717, CVE-2023-46718, CVE-2023-47537, CVE-2023-48784, CVE-2024-23110, CVE-2024-23112, CVE-2024-23113, CVE-2024-23662, CVE-2024-26007, CVE-2024-26011, CVE-2024-40593, CVE-2025-54822