ICSA-24-338-02 · Published 2025-06-10 · View on CISA ICS-CERT ↗

Siemens RUGGEDCOM APE1808

CVSS 10.0 CRITICAL CISA KEV — Known Exploited

CVEs (18)

CVE-2024-0012 CVE-2024-2550 CVE-2024-2552 CVE-2024-3393 CVE-2024-9474 CVE-2025-0108 CVE-2025-0109 CVE-2025-0110 CVE-2025-0111 CVE-2025-0115 CVE-2025-0116 CVE-2025-0123 CVE-2025-0124 CVE-2025-0125 CVE-2025-0126 CVE-2025-0128 CVE-2025-0130 CVE-2025-0137

Remediations

Exposure can be reduced by limiting access to the management interface to trusted internal IP addresses as described in Palo Alto Networks' Security Advisory
Upgrade Palo Alto Networks Virtual NGFW V11.1.8. Contact customer support to receive patch and update information
For upstream mitigation measures, refer to Palo Alto Networks' Security Advisory
Follow the remediation available in Palo Alto Networks' Security Advisory
Exposure can be reduced by restricting access to a jump box that is the only system allowed to access the management interface. This ensures that attacks can succeed only if they obtain privileged access through those specified internal IP addresses Palo Alto Networks' Security Advisory
Exposure can be reduced by restricting access to a jump box that is the only system allowed to access the management interface. This will ensure that attacks can succeed only if they obtain privileged access through those specified IP addresses Palo Alto Networks' Security Advisory
Disable web proxy feature if not necessary. Palo Alto Networks' Security Advisory

Affected Vendors

Siemens

Affected Products (7)

Siemens · RUGGEDCOM APE1808 vers:all/*

Affected Sectors

Energy

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more