ICSA-24-116-03
·
Published 2024-07-09
·
View on CISA ICS-CERT ↗
Siemens RUGGEDCOM APE1808 devices configured with Palo Alto Networks Virtual NGFW
CVSS 10.0
CRITICAL
CISA KEV — Known Exploited
CVEs (1)
Remediations
- Customers with a Threat Prevention subscription can block attacks for this vulnerability using Threat IDs 95187, 95189, and 95191 (available in Applications and Threats content version 8836-8695 and later). For further instruction see Palo Alto Network's upstream notification (https://security.paloaltonetworks.com/CVE-2024-3400)
- Disable GlobalProtect gateway and GlobalProtect portal; note that these features are disabled by default in RUGGEDCOM APE1808 deployments
- Upgrade Palo Alto Networks Virtual NGFW V11.1.2-h3. Contact customer support to receive patch and update information.
Affected Vendors
Siemens
Affected Products (1)
Siemens
·
RUGGEDCOM APE1808
All_versions_with_Palo_Alto_Networks_Virtual_NGFW_configured_with_GlobalProtect_gateway_or_GlobalProtect_portal_(or_both).
Affected Sectors
Multiple
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more