CVE-2023-0008 Siemens CVE debrief

Who should care

Organizations operating Siemens RUGGEDCOM APE1808 devices with Palo Alto Networks PAN-OS software, particularly those in industrial control system (ICS/OT) environments where firewall integrity is critical for network segmentation and security.

Technical summary

This vulnerability exists in Palo Alto Networks PAN-OS software and allows an authenticated read-write administrator with web interface access to exploit a race condition to export local files from the firewall. The attack requires network access (AV:N), high attack complexity (AC:H), and high privileges (PR:H). The confidentiality impact is high (C:H) with no integrity or availability impact. The vulnerability is exploitable in the wild (E:P) with a fix available (RL:O).

Defensive priority

medium

Recommended defensive actions

• Apply the vendor-provided upgrade to Palo Alto Networks Virtual NGFW V11.0.1
• Contact Siemens customer support to receive patch and update information
• Review and implement CISA ICS recommended practices for defense-in-depth security
• Monitor for additional updates to CISA advisory ICSA-24-102-03, which has been revised twice since initial publication

Evidence notes

The vulnerability description and remediation details are sourced from CISA CSAF advisory ICSA-24-102-03. The affected product (Siemens RUGGEDCOM APE1808) and vendor fix information are explicitly documented in the source material.

Official resources