PatchSiren cyber security CVE debrief
CVE-2024-26008 Siemens CVE debrief
CVE-2024-26008 is a medium-severity vulnerability (CVSS 5.3) affecting the Fortinet FortiGate Management Protocol (fgfm) daemon. The vulnerability stems from improper handling of exceptional conditions (CWE-703) in FortiOS, FortiProxy, FortiPAM, and FortiSwitchManager products. An unauthenticated attacker can exploit this flaw by sending crafted SSL-encrypted TCP requests to repeatedly reset the fgfm connection, resulting in a denial-of-service condition. The vulnerability was disclosed on July 9, 2024, and affects FortiOS versions 7.4.0 through 7.4.3 and before 7.2.7, FortiProxy versions 7.4.0 through 7.4.3 and before 7.2.9, FortiPAM before 1.2.0, and FortiSwitchManager versions 7.2.0 through 7.2.3 and 7.0.0 through 7.0.3. Siemens RUGGEDCOM APE1808 devices incorporate affected Fortinet NGFW components and are consequently vulnerable. The vendor fix requires updating the Fortigate NGFW component to version 7.4.4, with customers directed to contact Siemens customer support to obtain patch and update information.
- Vendor
- Siemens
- Product
- RUGGEDCOM APE1808
- CVSS
- MEDIUM 5.3
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2024-07-09
- Original CVE updated
- 2026-01-14
- Advisory published
- 2024-07-09
- Advisory updated
- 2026-01-14
Who should care
Organizations operating Siemens RUGGEDCOM APE1808 devices in industrial control system (ICS) environments, particularly those with exposed or inadequately segmented management interfaces. Security teams responsible for OT/ICS infrastructure availability and network administrators managing Fortinet-based security components within industrial networks.
Technical summary
The fgfm (FortiGate Management Protocol) daemon contains an improper exception handling vulnerability that fails to properly validate or handle exceptional conditions when processing SSL-encrypted TCP requests. This allows an unauthenticated remote attacker to craft malicious requests that trigger repeated connection resets, disrupting management connectivity. The vulnerability affects multiple Fortinet product lines integrated into Siemens RUGGEDCOM APE1808 industrial networking devices.
Defensive priority
medium
Recommended defensive actions
- Contact Siemens customer support to obtain Fortigate NGFW V7.4.4 patch and update information for RUGGEDCOM APE1808 devices
- Review network segmentation to limit exposure of fgfm management interfaces to untrusted networks
- Monitor for repeated connection resets on fgfm daemon as potential exploitation indicator
- Apply defense-in-depth strategies per ICS-CERT recommended practices for industrial control systems
Evidence notes
CVE description and affected product versions derived from CISA CSAF advisory ICSA-24-193-02. Vendor attribution to Siemens and product identification as RUGGEDCOM APE1808 confirmed through CSAF product tree. Remediation guidance specifies Fortigate NGFW update to V7.4.4 with customer support contact for patch delivery. Advisory revision history shows CVE-2024-26008 was added in Revision 9 on November 11, 2025.
Official resources
-
CVE-2024-26008 CVE record
CVE.org
-
CVE-2024-26008 NVD detail
NVD
-
Source item URL
cisa_csaf
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
2024-07-09