Siemens alerts for patching of RUGGEDCOM APE1808 Devices CPalo Alto Networks Virtual NGFW
Take action: If you are using Siemens RUGGEDCOM APE1808 devices with Palo Alto Networks Virtual NGFW, patch them ASAP. Usually in industrial setting they are in a separate isolated network, but if they are visible on the internet, don't delay.
Learn More
Siemens has reported a critical vulnerability in their RUGGEDCOM APE1808 devices configured with Palo Alto Networks Virtual NGFW, specifically within the GlobalProtect gateway or portal configurations.
The vulnerability, designated as CVE-2024-3400 (CVSS score 10) is a command injection vulnerability, allowing unauthenticated attackers to execute arbitrary code with root privileges on the affected firewall systems. The issue affects all versions of the RUGGEDCOM APE1808 when configured with the specified Palo Alto features.
To mitigate this risk, Siemens advises users to contact customer support for patching information and update procedures. Additionally, it is recommended to disable the GlobalProtect gateway and portal features, which are not enabled by default. For customers with a Threat Prevention subscription, Siemens suggests using Threat IDs 95187, 95189, and 95191 to block potential attacks, applicable from Applications and Threats content version 8836-8695 onwards.
