PatchSiren cyber security CVE debrief
CVE-2024-36505 Siemens CVE debrief
CVE-2024-36505 is an improper access control vulnerability (CWE-284) affecting FortiOS versions 7.4.0 through 7.4.3, 7.2.5 through 7.2.7, 7.0.12 through 7.0.14, and 6.4.x. The vulnerability was published on July 9, 2024, and most recently modified on January 14, 2026. It was added to the CISA ICS advisory ICSA-24-193-02 on September 10, 2024, as documented in the revision history. Siemens RUGGEDCOM APE1808, which incorporates Fortinet NGFW technology, is affected by this upstream FortiOS vulnerability. The issue allows an attacker who has already obtained write access to the underlying system through a separate exploit to bypass the file integrity checking system. This is a post-compromise vulnerability requiring prior system access, limiting its exploitability but representing a significant persistence mechanism if initial access is achieved. The CVSS 3.1 score of 5.1 (MEDIUM) reflects the high attack complexity and local attack vector requirements. Siemens released a fix in October 2024, directing customers to update the Fortigate NGFW component to version 7.4.4 and contact customer support for patch and update information.
- Vendor
- Siemens
- Product
- RUGGEDCOM APE1808
- CVSS
- MEDIUM 5.1
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2024-07-09
- Original CVE updated
- 2026-01-14
- Advisory published
- 2024-07-09
- Advisory updated
- 2026-01-14
Who should care
Organizations operating Siemens RUGGEDCOM APE1808 devices with integrated Fortinet NGFW functionality, particularly in industrial control system (ICS) environments. Security teams responsible for network security appliances, OT security practitioners, and infrastructure administrators managing FortiOS-based systems should prioritize this patch to prevent attackers from maintaining persistence through file integrity check bypass after initial compromise.
Technical summary
This vulnerability exists in FortiOS versions 7.4.0-7.4.3, 7.2.5-7.2.7, 7.0.12-7.0.14, and 6.4.x. The improper access control weakness (CWE-284) enables an attacker with existing write access to the underlying system—gained through a separate hypothetical exploit—to circumvent the file integrity checking mechanism. The attack requires local access with high complexity and no privileges, resulting in a high impact to integrity (no confidentiality or availability impact). The vulnerability is contingent on prior compromise, making it a persistence-enabling flaw rather than an initial access vector.
Defensive priority
medium
Recommended defensive actions
- Update Fortigate NGFW to version 7.4.4 on affected Siemens RUGGEDCOM APE1808 devices
- Contact Siemens customer support to receive patch and update information for the Fortinet NGFW component
- Verify file integrity checking systems are functioning correctly after patching
- Apply defense-in-depth strategies for industrial control systems per CISA guidance
- Monitor for indicators of prior compromise that could enable exploitation of this vulnerability
Evidence notes
CVE published 2024-07-09 per source metadata. Added to ICSA-24-193-02 on 2024-09-10 (Revision 2). Fix information added 2024-10-08 (Revision 3).
Official resources
-
CVE-2024-36505 CVE record
CVE.org
-
CVE-2024-36505 NVD detail
NVD
-
Source item URL
cisa_csaf
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
2024-07-09