Siemens has released an advisory on vulnerabilities in its RUGGEDCOM APE 1808, dated July 11, 2024. These issues, impacting versions with Fortinet NGFW, include a stack-based buffer overflow, inadequate password hash security, and cross-site scripting. The flaws allow attackers to execute unauthorized code, decrypt backup files, and perform malicious actions via crafted CLI commands.
The vulnerabilities, identified with CVE-2023-46720, CVE-2024-21754, and CVE-2024-23111, carry CVSS base scores ranging from 6.7 to 7.5. They affect Fortinet FortiOS and other related products, posing risks such as unauthorized command execution and JavaScript code injection through web interfaces. These issues impact sectors like communications, manufacturing, energy, and transportation globally.
Siemens recommends updating to the latest version and following security guidelines to mitigate these vulnerabilities. The company advises protecting network access and applying patches as part of a broader security strategy. Siemens’ industrial security webpage provides additional resources and recommendations.
The Cybersecurity and Infrastructure Security Agency (CISA) also stresses minimizing network exposure and using secure methods for remote access. CISA’s guidelines include protecting control system devices behind firewalls and employing updated Virtual Private Networks (VPNs) to enhance security.