ICSA-25-226-09 · Published 2026-01-14 · View on CISA ICS-CERT ↗

Siemens RUGGEDCOM APE1808

CVSS 8.1 HIGH

CVEs (11)

CVE-2024-13089 CVE-2024-13090 CVE-2025-1501 CVE-2025-3718 CVE-2025-3719 CVE-2025-40885 CVE-2025-40886 CVE-2025-40887 CVE-2025-40888 CVE-2025-40889 CVE-2025-40890

Remediations

Only install update packages from trusted sources. Refer upstream advisory for further information.
Upgrade Nozomi Guardian / CMC to V25.4.0. Using Web GUI might have errors and it is recommended to use the CLI for the upgrade. Contact customer support to receive patch and update information
Use internal firewall features to limit access to the web management interface. Refer upstream advisory for further information.
Apply care when opening untrusted links or visiting external websites while an authenticated session to the web management interface is established
Use internal firewall features to limit access to the web management interface. Review all accounts with access to it and delete unnecessary ones

Affected Vendors

Siemens

Affected Products (1)

Siemens · RUGGEDCOM APE1808 vers:all/*

Affected Sectors

Critical Manufacturing

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more