PatchSiren cyber security CVE debrief
CVE-2024-13090 Siemens CVE debrief
A privilege escalation vulnerability in Siemens RUGGEDCOM APE1808 allows a local service account to elevate privileges because of excessively permissive sudo rules. The vulnerability has a CVSS 3.1 score of 7.0 (HIGH severity). An attacker who can execute arbitrary commands as the affected service account could gain administrative access to the system. The vulnerability was published on August 12, 2025, and the advisory was last modified on January 14, 2026. CISA republished this advisory from Siemens ProductCERT SSA-978177. A vendor fix is available and requires an upgrade to Nozomi Guardian / CMC V25.4.0; the CLI upgrade path is recommended over the Web GUI.
- Vendor: Siemens
- Product: RUGGEDCOM APE1808
- CVSS: 7.0 (HIGH)
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2025-08-12
- Original CVE updated: 2026-01-14
- Advisory published: 2025-08-12
- Advisory updated: 2026-01-14
Who should care
Organizations operating Siemens RUGGEDCOM APE1808 devices in industrial environments, particularly those in critical infrastructure sectors where privilege escalation could lead to operational disruption or safety impacts.
Technical summary
CVE-2024-13090 is a privilege escalation vulnerability in Siemens RUGGEDCOM APE1808 industrial networking equipment. The root cause is excessively permissive sudo rules configured for a local service account, which could allow an attacker with the ability to execute commands as that account to gain administrative privileges. The vulnerability requires local access (AV:L), high attack complexity (AC:H), and low privileges (PR:L), but successful exploitation yields high impact on confidentiality, integrity, and availability (C:H/I:H/A:H). The vendor has released a fix in Nozomi Guardian / CMC V25.4.0.
Defensive priority
HIGH
Recommended defensive actions
- Upgrade Nozomi Guardian / CMC to V25.4.0 using CLI rather than Web GUI to avoid potential errors
- Contact Siemens customer support to receive patch and update information
- Review the sudo rules granted to all service accounts and restrict them to the minimum commands required (principle of least privilege)
- Monitor for unauthorized privilege escalation attempts on affected systems
- Apply defense-in-depth strategies for industrial control systems per CISA guidance
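The root cause above is an over-broad sudoers rule for a service account, so the sudo review in the actions list is the control that addresses it directly. The following is an added example (not code from the advisory, Siemens or Nozomi) of a small audit script that parses sudoers rule lines and flags the patterns a least-privilege review looks for: `ALL` command sets, wildcard arguments, shell-escape binaries and `NOPASSWD`. The sample sudoers excerpt and the list of shell-escape binaries are constructed for the example; the advisory names no specific rules or commands.

```python
import re

# Binaries that hand the caller an interactive shell or arbitrary file writes even
# when the rule is scoped to that one program. Assumed list for this example.
SHELL_ESCAPES = {"/bin/sh", "/bin/bash", "/bin/su", "/usr/bin/vi", "/usr/bin/vim", "/usr/bin/less"}

# Matches:  user  host = (runas) [NOPASSWD:] cmd1, cmd2 ...
RULE_RE = re.compile(r"^(?P<user>\S+)\s+(?P<host>[^=\s]+)\s*=\s*(?:\((?P<runas>[^)]*)\)\s*)?(?P<cmds>.+)$")

def audit_rule(line):
    """Return the findings for one sudoers rule line; an empty list means no concern."""
    m = RULE_RE.match(line.strip())
    if not m:
        return ["unparsed rule: " + line.strip()]
    cmds = m.group("cmds")
    nopasswd = "NOPASSWD:" in cmds
    cmds = cmds.replace("NOPASSWD:", "").replace("PASSWD:", "")  # strip tags, keep commands
    findings = []
    for cmd in (c.strip() for c in cmds.split(",") if c.strip()):
        prog = cmd.split()[0]
        if prog == "ALL":
            findings.append("unrestricted command set (ALL)")
        elif prog in SHELL_ESCAPES:
            findings.append("shell-escape binary " + prog)
        elif "*" in cmd:
            findings.append("wildcard arguments in " + cmd)
    if nopasswd and findings:
        findings.append("NOPASSWD removes the authentication step")
    return findings

def audit_sudoers(text):
    """Map each user with at least one finding to its findings; skips comments, Defaults and aliases."""
    report = {}
    for line in text.splitlines():
        stripped = line.strip()
        if not stripped or stripped.startswith("#") or stripped.startswith("@"):
            continue
        first = stripped.split()[0]
        if first == "Defaults" or first.endswith("_Alias"):
            continue
        findings = audit_rule(stripped)
        if findings:
            report.setdefault(first, []).extend(findings)
    return report

# Constructed sudoers excerpt for this example; not taken from the affected device.
SAMPLE_SUDOERS = """\
Defaults env_reset
svc_monitor ALL=(ALL) NOPASSWD: ALL
svc_backup  ALL=(root) NOPASSWD: /usr/bin/rsync *, /bin/bash
svc_log     ALL=(root) /usr/bin/systemctl restart collector.service
"""

if __name__ == "__main__":
    for user, findings in audit_sudoers(SAMPLE_SUDOERS).items():
        print(user, "->", "; ".join(findings))
```

Only `svc_log` passes: its rule names one absolute binary with fixed arguments, which is the shape a service-account rule should take after the review.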
Evidence notes
CVE published 2025-08-12; advisory modified 2026-01-14 with CISA republication of Siemens ProductCERT SSA-978177. Remediation added in Revision 2 (2025-11-17).
Official resources
- CVE-2024-13090 CVE record (CVE.org)
- CVE-2024-13090 NVD detail (NVD)
- Source item URL (cisa_csaf)
2025-08-12