PatchSiren cyber security CVE debrief
CVE-2023-38046 Siemens CVE debrief
CVE-2023-38046 is a medium-severity vulnerability (CVSS 5.5) affecting Siemens RUGGEDCOM APE1808, published on 2024-04-09 and last modified on 2024-12-10. The vulnerability exists in Palo Alto Networks PAN-OS software and enables an authenticated administrator, using the privilege to commit a specially crafted configuration, to read local files and resources from the system. It requires high privileges (PR:H) and has a network attack vector (AV:N) with low attack complexity (AC:L), resulting in high confidentiality impact (C:H) and low integrity impact (I:L). The vulnerability is not listed in CISA's Known Exploited Vulnerabilities (KEV) catalog. Siemens has provided a vendor fix through customer support channels.
- Vendor: Siemens
- Product: RUGGEDCOM APE1808
- CVSS: MEDIUM 5.5
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2024-04-09
- Original CVE updated: 2024-12-10
- Advisory published: 2024-04-09
- Advisory updated: 2024-12-10
Who should care
Organizations operating Siemens RUGGEDCOM APE1808 industrial networking equipment, particularly in critical infrastructure environments such as energy, transportation, and manufacturing. Security teams responsible for industrial control system (ICS) security, network administrators managing Palo Alto Networks NGFW deployments on RUGGEDCOM platforms, and compliance officers overseeing NERC CIP or similar industrial security frameworks should prioritize assessment and remediation.
Technical summary
This vulnerability allows an authenticated administrator with configuration commit privileges to read arbitrary local files from the affected system. The attack requires network access and valid high-privilege credentials. The vulnerability stems from improper input validation or path traversal in the configuration commit process of PAN-OS software. Successful exploitation could expose sensitive system files, credentials, or configuration data. The vulnerability has been assigned a CVSS 3.1 base score of 5.5 (MEDIUM); the vector indicates a network attack vector, low attack complexity, high privileges required, no user interaction, high confidentiality impact and low integrity impact.
Defensive priority
medium
Recommended defensive actions
- Contact Siemens customer support to obtain patch and update information for RUGGEDCOM APE1808
- Upgrade to Palo Alto Networks Virtual NGFW V11.0.1 as specified in vendor remediation guidance
- Review and restrict administrative privileges to only trusted personnel with legitimate configuration commit needs
- Monitor for unauthorized configuration changes or suspicious administrative activity
- Apply defense-in-depth strategies for industrial control systems per CISA recommended practices
- Ensure network segmentation to limit exposure of management interfaces
Evidence notes
The vulnerability description indicates this affects Palo Alto Networks PAN-OS software integrated with Siemens RUGGEDCOM APE1808. The CVSS vector CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C confirms network accessibility with high privilege requirements. The source advisory ICSA-24-102-03 was published by CISA on 2024-04-09 and underwent two revisions: on 2024-08-13 (adding CVE-2024-5911) and on 2024-12-10 (adding CVE-2024-5917).
Official resources
- CVE-2023-38046 CVE record (CVE.org)
- CVE-2023-38046 NVD detail (NVD)
- Source item URL (cisa_csaf)