ICSA-24-137-11
·
Published 2024-05-14
·
View on CISA ICS-CERT ↗
Siemens RUGGEDCOM APE1808
CVSS 7.5
HIGH
CVEs (2)
Remediations
- Create specific users for OpenAPI usage, with minimal permissions. Limit API keys to allowed IP addresses. Regenerate existing API keys periodically and to review sign-ins via API keys in the audit records
- Upgrade Nozomi Guardian / CMC to V23.4.1. Contact customer support to receive patch and update information.
Affected Vendors
Siemens
Affected Products (2)
Siemens
·
RUGGEDCOM APE1808LNX (6GK6015-0AL20-0GH0)
<with_Nozomi_Guardian_/_CMC_23.4.1
Siemens
·
RUGGEDCOM APE1808LNX CC (6GK6015-0AL20-0GH1)
<with_Nozomi_Guardian_/_CMC_23.4.1
Affected Sectors
Multiple
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more