PatchSiren cyber security CVE debrief
CVE-2023-46720 Siemens CVE debrief
A stack-based buffer overflow vulnerability exists in Fortinet FortiOS versions 7.4.0 through 7.4.1, 7.2.0 through 7.2.7, 7.0.0 through 7.0.12, 6.4.6 through 6.4.15, 6.2.9 through 6.2.16, and 6.0.13 through 6.0.18. This vulnerability allows an attacker with high privileges to execute unauthorized code or commands via specially crafted CLI commands. The vulnerability affects Siemens RUGGEDCOM APE1808, which incorporates the affected Fortinet FortiOS component. The issue was published on July 9, 2024, and has a CVSS 3.1 score of 6.7 (MEDIUM severity). The attack vector is local, requiring low attack complexity and high privileges, with no user interaction needed. Successful exploitation can result in high impacts to confidentiality, integrity, and availability.
- Vendor: Siemens
- Product: RUGGEDCOM APE1808
- CVSS: MEDIUM 6.7
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2024-07-09
- Original CVE updated: 2026-01-14
- Advisory published: 2024-07-09
- Advisory updated: 2026-01-14
Who should care
Organizations operating Siemens RUGGEDCOM APE1808 devices in industrial control system environments, critical infrastructure operators, network security administrators responsible for Fortinet FortiOS deployments, and compliance teams tracking CVE remediation for OT/ICS security frameworks.
Technical summary
CVE-2023-46720 is a stack-based buffer overflow in Fortinet FortiOS that affects multiple versions from 6.0.13 through 7.4.1. The vulnerability is triggered through specially crafted CLI commands and can lead to unauthorized code execution. The attack requires local access and high privileges (administrative), but successful exploitation yields complete system compromise with high impact to confidentiality, integrity, and availability. The vulnerability is particularly significant in industrial environments where Siemens RUGGEDCOM APE1808 devices are deployed, as these systems often serve critical infrastructure functions. The CVSS 3.1 score of 6.7 reflects the constrained attack surface (local, high privileges) balanced against severe impact potential.
Defensive priority
HIGH
Recommended defensive actions
- Apply the vendor fix by updating FortiGate NGFW to version 7.4.4. Contact Siemens customer support to receive patch and update information for RUGGEDCOM APE1808 systems.
- Restrict CLI access to authorized administrators only, implementing principle of least privilege for all administrative accounts.
- Monitor CLI command logs for anomalous or unexpected command patterns that may indicate exploitation attempts.
- Implement network segmentation to isolate affected systems from untrusted networks, limiting lateral movement opportunities.
- Follow CISA ICS recommended practices for defense-in-depth strategies in industrial control system environments.
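As an added example (not part of the original debrief, and not Siemens or Fortinet tooling), a small Python triage helper that checks reported FortiOS version strings from a device inventory against the affected ranges listed above, so hosts still inside a vulnerable range can be queued for the vendor fix. The hostnames and version strings in the sample inventory are constructed.

```python
import re
from typing import Dict, Optional, Tuple

# Affected FortiOS ranges for CVE-2023-46720, copied from the advisory text
# above; each entry is an inclusive (lowest, highest) pair for one branch.
AFFECTED_RANGES = [
    ((7, 4, 0), (7, 4, 1)),
    ((7, 2, 0), (7, 2, 7)),
    ((7, 0, 0), (7, 0, 12)),
    ((6, 4, 6), (6, 4, 15)),
    ((6, 2, 9), (6, 2, 16)),
    ((6, 0, 13), (6, 0, 18)),
]

# Matches a bare "7.4.1" as well as a banner-style "v7.4.1,build2463".
_VERSION_RE = re.compile(r"\bv?(\d+)\.(\d+)\.(\d+)\b")

def parse_fortios_version(text: str) -> Optional[Tuple[int, int, int]]:
    """Return (major, minor, patch), or None if no three-part version is present."""
    match = _VERSION_RE.search(text)
    if match is None:
        return None
    major, minor, patch = (int(g) for g in match.groups())
    return (major, minor, patch)

def is_affected(version: Tuple[int, int, int]) -> bool:
    """True when the version lies inside any listed affected range (bounds inclusive)."""
    return any(low <= version <= high for low, high in AFFECTED_RANGES)

def triage(inventory: Dict[str, str]) -> Dict[str, str]:
    """Classify each host as 'affected', 'not-affected' or 'unknown' (unparsable, needs a manual check)."""
    result: Dict[str, str] = {}
    for host, raw in inventory.items():
        parsed = parse_fortios_version(raw)
        if parsed is None:
            result[host] = "unknown"
        else:
            result[host] = "affected" if is_affected(parsed) else "not-affected"
    return result

# Constructed sample inventory; hostnames and versions are made up for the demo.
SAMPLE_INVENTORY = {
    "ape1808-site-a": "v7.4.1,build2463",  # inside 7.4.0 - 7.4.1
    "ape1808-site-b": "7.4.4",             # the 7.4 fix version named above
    "ape1808-site-c": "v6.4.5",            # just below the 6.4.6 lower bound
    "ape1808-site-d": "7.0.12",            # upper bound of the 7.0 range, affected
    "ape1808-site-e": "build only",        # no parsable version
}
```

Unparsable version strings are deliberately reported as "unknown" rather than treated as safe, so a missing or garbled banner does not hide an unpatched device.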
Evidence notes
The vulnerability description and affected versions are sourced from the CISA CSAF advisory ICSA-24-193-02. The CVSS vector (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H) indicates a local attack vector with high privilege requirements but severe impact if exploited. The advisory was last modified on January 14, 2026, with multiple revisions tracking additional upstream vulnerabilities and remediation updates.
Official resources
- CVE-2023-46720 CVE record (CVE.org)
- CVE-2023-46720 NVD detail (NVD)
- Source item URL (cisa_csaf)
This vulnerability was disclosed through coordinated disclosure. The CVE was published on July 9, 2024, with the source advisory ICSA-24-193-02 issued by CISA. Siemens has acknowledged this as an upstream vulnerability in the Fortinet Forti