ICSA-25-044-06 · Published 2026-03-12
Siemens RUGGEDCOM APE1808
CVSS 9.8 CRITICAL
CISA KEV — Known Exploited
CVEs (30)
CVE-2022-42475
CVE-2023-27997
CVE-2024-3596
CVE-2024-21762
CVE-2024-26013
CVE-2024-35279
CVE-2024-36504
CVE-2024-40591
CVE-2024-45324
CVE-2024-46665
CVE-2024-46666
CVE-2024-46668
CVE-2024-46669
CVE-2024-46670
CVE-2024-47569
CVE-2024-48884
CVE-2024-48885
CVE-2024-48886
CVE-2024-50563
CVE-2024-50565
CVE-2024-50571
CVE-2024-52965
CVE-2024-54021
CVE-2025-22251
CVE-2025-22252
CVE-2025-22254
CVE-2025-22258
CVE-2025-25252
CVE-2025-58325
CVE-2025-68686
Remediations
- Refer to the Fortinet blog for mitigation measures: https://www.fortinet.com/blog/psirt-blogs/analysis-of-threat-actor-activity
- Update FortiGate NGFW to V7.4.7. Contact customer support to receive patch and update information.
- Use RADIUS over TLS (also known as RADSEC) (see https://fortiguard.fortinet.com/psirt/FG-IR-24-255)
- For each interface, remove the fabric service or block CAPWAP-CONTROL access to port 5246 through a local-in policy (see https://fortiguard.fortinet.com/psirt/FG-IR-24-160)
- Use an alternate authentication mechanism, such as PAP, MSCHAP, or CHAP configurations, rather than ASCII authentication (see https://www.fortiguard.com/psirt/FG-IR-24-472)
Affected Vendors
Siemens
Affected Products (4)
Siemens · RUGGEDCOM APE1808 · vers:all/*
Siemens · RUGGEDCOM APE1808 · vers:all/*
Siemens · RUGGEDCOM APE1808 · vers:all/*
Siemens · RUGGEDCOM APE1808 · vers:all/*
Affected Sectors
Critical Manufacturing