PatchSiren cyber security CVE debrief
CVE-2024-33510 Siemens CVE debrief
CVE-2024-33510 is a medium-severity injection vulnerability (CWE-74) affecting Fortinet SSL-VPN web interfaces, with impact on Siemens RUGGEDCOM APE1808 deployments. Published 2024-07-09 and last modified 2026-01-14, the vulnerability stems from improper neutralization of special elements in output used by a downstream component. The flaw exists in FortiOS versions 7.4.3 and below, 7.2.8 and below, and 7.0.16 and below; FortiProxy versions 7.4.3 and below, 7.2.9 and below, and 7.0.16 and below; and FortiSASE version 24.2.b. A remote unauthenticated attacker can exploit it via crafted requests to perform phishing attempts against SSL-VPN users. The CVSS 3.1 score of 4.3 reflects a network attack vector, low attack complexity and no required privileges, but user interaction is required, and the impact is limited to low integrity impact with no confidentiality or availability impact. Siemens added this CVE to its RUGGEDCOM APE1808 advisory in December 2024 (Revision 4, 2024-12-10) as an upstream vulnerability inherited from the Fortinet NGFW component. The vendor fix requires updating FortiGate NGFW to version 7.4.4; customers are directed to contact Siemens customer support to receive patch and update information. No known exploitation in ransomware campaigns has been reported, and this CVE is not listed in CISA's Known Exploited Vulnerabilities catalog.
- Vendor: Siemens
- Product: RUGGEDCOM APE1808
- CVSS: MEDIUM 4.3
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2024-07-09
- Original CVE updated: 2026-01-14
- Advisory published: 2024-07-09
- Advisory updated: 2026-01-14
Who should care
Organizations operating Siemens RUGGEDCOM APE1808 industrial networking platforms with FortiGate NGFW SSL-VPN functionality, OT security teams managing remote access to industrial control systems, and administrators of Fortinet SSL-VPN deployments in critical infrastructure environments.
Technical summary
Improper neutralization of special elements in output (CWE-74) in Fortinet SSL-VPN web interfaces allows remote unauthenticated attackers to conduct phishing via crafted requests. Affects FortiOS ≤7.4.3/≤7.2.8/≤7.0.16, FortiProxy ≤7.4.3/≤7.2.9/≤7.0.16, FortiSASE 24.2.b, and Siemens RUGGEDCOM APE1808 with embedded FortiGate NGFW. Fixed in FortiGate NGFW V7.4.4.
Defensive priority
Medium
Recommended defensive actions
- Contact Siemens customer support to obtain FortiGate NGFW V7.4.4 patch and update instructions for RUGGEDCOM APE1808 deployments
- Review SSL-VPN access logs for suspicious crafted requests targeting the web interface
- Implement network segmentation to limit SSL-VPN interface exposure
- Apply CISA ICS recommended practices for defense-in-depth strategies
- Monitor Fortinet security advisories for additional updates to FortiOS, FortiProxy, and FortiSASE components
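The first defensive action above depends on knowing which builds in an inventory actually fall inside the affected ranges from the technical summary. The following Python script is an added example (not code from Fortinet, Siemens, CISA or this debrief's source advisory) that encodes only the version ranges stated on this page and classifies each inventory entry against them. The inventory and hostnames are constructed sample data; the assumed input format is the `v7.4.3,build…` style version string that Fortinet devices report, with a plain `7.4.3` also accepted.

```python
"""Classify Fortinet product versions against the CVE-2024-33510 ranges on this page.

Added example; encodes only the ranges stated in the debrief:
FortiOS <=7.4.3 / <=7.2.8 / <=7.0.16, FortiProxy <=7.4.3 / <=7.2.9 / <=7.0.16,
FortiSASE 24.2.b, and the FortiGate NGFW V7.4.4 fix.
"""
from __future__ import annotations

# Highest affected patch level per (product, major.minor branch), from the debrief.
AFFECTED_BRANCHES: dict[str, dict[tuple[int, int], int]] = {
    "FortiOS": {(7, 4): 3, (7, 2): 8, (7, 0): 16},
    "FortiProxy": {(7, 4): 3, (7, 2): 9, (7, 0): 16},
}
# FortiSASE is listed as a single affected release identifier, not a range.
AFFECTED_EXACT: dict[str, set[str]] = {"FortiSASE": {"24.2.b"}}
# Vendor fix named on the page.
FIXED_VERSION = (7, 4, 4)


def parse_version(text: str) -> tuple[int, int, int]:
    """Parse '7.4.3', 'v7.4.3' or 'v7.4.3,build2573' into (major, minor, patch).

    Assumed input format: the version core is three dot-separated integers,
    optionally prefixed with 'v' and followed by ',build…' details.
    """
    core = text.strip().lstrip("vV").split(",")[0]
    parts = core.split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised version string: {text!r}")
    return int(parts[0]), int(parts[1]), int(parts[2])


def classify(product: str, version: str) -> str:
    """Return 'affected', 'above listed range', 'branch not listed'
    or 'product not listed' for one product/version pair."""
    if product in AFFECTED_EXACT:
        return "affected" if version.strip() in AFFECTED_EXACT[product] else "above listed range"
    branches = AFFECTED_BRANCHES.get(product)
    if branches is None:
        return "product not listed"
    major, minor, patch = parse_version(version)
    max_affected_patch = branches.get((major, minor))
    if max_affected_patch is None:
        # A branch the page does not mention (e.g. a newer train): no verdict.
        return "branch not listed"
    return "affected" if patch <= max_affected_patch else "above listed range"


def audit(inventory: list[dict[str, str]]) -> list[dict[str, str]]:
    """Annotate each inventory row with its status; rows are dicts with
    'host', 'product' and 'version' keys."""
    return [dict(row, status=classify(row["product"], row["version"])) for row in inventory]


# Constructed sample inventory for illustration only.
SAMPLE_INVENTORY = [
    {"host": "ape1808-site-a", "product": "FortiOS", "version": "v7.4.3,build2573"},
    {"host": "ape1808-site-b", "product": "FortiOS", "version": "v7.4.4,build2662"},
    {"host": "proxy-dmz-1", "product": "FortiProxy", "version": "7.2.9"},
    {"host": "fw-lab-1", "product": "FortiOS", "version": "7.6.0"},
    {"host": "sase-tenant", "product": "FortiSASE", "version": "24.2.b"},
]

if __name__ == "__main__":
    for row in audit(SAMPLE_INVENTORY):
        print(f"{row['host']:<16} {row['product']:<11} {row['version']:<20} {row['status']}")
```

Rows reported as "branch not listed" deliberately get no verdict rather than a "not affected" one, because the page only enumerates the 7.0, 7.2 and 7.4 trains; those hosts should be checked against the current Fortinet advisory, as the last action above recommends.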
Evidence notes
CVE description and remediation details sourced from CISA CSAF advisory ICSA-24-193-02. Siemens revision history confirms CVE added 2024-12-10. CVSS vector and score from source item metadata. Vendor fix specifies FortiGate NGFW V7.4.4 with customer support contact required for patch delivery.
Official resources
- CVE-2024-33510 CVE record (CVE.org)
- CVE-2024-33510 NVD detail (NVD)
- Source item URL: cisa_csaf