PatchSiren

PatchSiren cyber security CVE debrief

CVE-2024-40591 Siemens CVE debrief

CVE-2024-40591 is described in the supplied advisory text as a high-severity privilege-escalation issue. The described flaw affects Fortinet FortiOS versions 7.6.0, 7.4.0 through 7.4.4, 7.2.0 through 7.2.9, and versions before 7.0.15. An authenticated admin with Security Fabric permission may be able to gain super-admin privileges by connecting the targeted FortiGate to a malicious upstream FortiGate they control. The supplied CISA/Siemens CSAF entry publishes the issue on 2025-02-11 and later republishes it on 2026-03-12 based on Siemens ProductCERT update history. However, the corpus also contains a product mismatch: the advisory is titled for Siemens RUGGEDCOM APE1808, while the vulnerability description and remediation text refer to Fortinet FortiOS/FortiGate. That mismatch should be treated as a source-quality concern when triaging impact.

Vendor: Siemens
Product: RUGGEDCOM APE1808
CVSS: HIGH 8.8
CISA KEV: Not listed in stored evidence
Original CVE published: 2025-02-11
Original CVE updated: 2026-03-12
Advisory published: 2025-02-11
Advisory updated: 2026-03-12

Who should care

Security teams responsible for the affected FortiOS environment described in the advisory, especially administrators with Security Fabric permissions. Also relevant to owners and operators of Siemens RUGGEDCOM APE1808 as listed in the CISA/Siemens CSAF entry, given the source mapping inconsistency in the corpus.

Technical summary

The vulnerability is an incorrect privilege assignment issue. In the supplied description, an authenticated admin with Security Fabric permission can escalate from admin-level access to super-admin by attaching the target FortiGate to a malicious upstream FortiGate under attacker control. The advisory lists affected FortiOS ranges as 7.6.0, 7.4.0-7.4.4, 7.2.0-7.2.9, and earlier than 7.0.15. The provided CVSS vector is CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H (8.8 High), which reflects network reachability, low attack complexity, and high impact if exploited successfully.

Defensive priority

High. This is a privilege-escalation flaw with full confidentiality, integrity, and availability impact in the supplied CVSS data, so systems exposing Security Fabric administration should be prioritized for review and patching.

Recommended defensive actions

  • Apply the vendor remediation listed in the advisory: update FortiGate NGFW to V7.4.7, or otherwise follow vendor support guidance for the affected branch.
  • Review which accounts have Security Fabric permission and restrict that permission to the minimum necessary administrators.
  • Audit FortiGate trust relationships and upstream/downstream Fabric connections for unexpected or untrusted peers.
  • Monitor for administrative changes or privilege transitions that could indicate abuse of Fabric-related management paths.
  • Validate whether the Siemens RUGGEDCOM APE1808 entry in your environment corresponds to FortiOS-based components before applying remediation assumptions, because the supplied corpus contains a vendor/product mismatch.
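The first two actions above (confirm whether a device runs an affected FortiOS build, then find which admin accounts hold Security Fabric permission) can be scripted against a configuration dump. The following Python is an added example written for this debrief; it is not Fortinet tooling and not part of the original advisory. The version ranges come from the debrief text. The config layout it parses (top-level config blocks with edit/set/next entries) and the accprofile key name secfabgrp are assumptions about the FortiOS CLI format, and the sample configuration is constructed; compare the key name against your own "show system accprofile" output before relying on it.

```python
"""Triage helper for CVE-2024-40591 (FortiOS Security Fabric privilege escalation).

Added example, not Fortinet code. Two checks:
  1. is_affected(version): compares a FortiOS version string against the ranges
     the debrief lists (7.6.0, 7.4.0-7.4.4, 7.2.0-7.2.9, earlier than 7.0.15).
  2. fabric_admins(config_text): parses a FortiOS-style CLI config dump and
     lists admin accounts whose access profile grants Security Fabric permission.
ASSUMPTION: the accprofile key 'secfabgrp' and the config layout below are
assumed from the FortiOS CLI style; verify against real device output.
"""
import re
import shlex

# Closed ranges taken from the advisory text; "before 7.0.15" is handled separately.
AFFECTED_RANGES = [
    ((7, 6, 0), (7, 6, 0)),
    ((7, 4, 0), (7, 4, 4)),
    ((7, 2, 0), (7, 2, 9)),
]


def parse_version(version):
    """Turn 'v7.4.4' or '7.4.4' into a comparable (major, minor, patch) tuple."""
    m = re.fullmatch(r"v?(\d+)\.(\d+)\.(\d+)", version.strip())
    if not m:
        raise ValueError(f"unrecognised FortiOS version string: {version!r}")
    return tuple(int(x) for x in m.groups())


def is_affected(version):
    """True if the version falls in an affected range from the advisory."""
    v = parse_version(version)
    if v < (7, 0, 15):  # literal reading of "versions before 7.0.15"
        return True
    return any(lo <= v <= hi for lo, hi in AFFECTED_RANGES)


def parse_fortios_config(text):
    """Minimal parser: top-level 'config <path>' blocks with 'edit'/'set'/'next'.

    Nested config blocks inside an entry (depth > 1) are skipped; only the
    entry's own 'set' lines are recorded. Quoted values are handled by shlex.
    """
    tables, depth, section, entry = {}, 0, None, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        tokens = shlex.split(line)
        kw = tokens[0]
        if kw == "config":
            depth += 1
            if depth == 1:
                section = " ".join(tokens[1:])
                tables.setdefault(section, {})
        elif kw == "end":
            depth -= 1
            if depth == 0:
                section = None
        elif depth == 1 and kw == "edit":
            entry = tokens[1]
            tables[section][entry] = {}
        elif depth == 1 and kw == "next":
            entry = None
        elif depth == 1 and kw == "set" and entry is not None:
            tables[section][entry][tokens[1]] = " ".join(tokens[2:])
    return tables


def fabric_admins(config_text):
    """Return (admin, profile, secfabgrp level) for admins with Fabric permission.

    Built-in super_admin accounts are skipped: they already hold the privilege
    the flaw escalates to, so they are not escalation candidates.
    """
    tables = parse_fortios_config(config_text)
    profiles = tables.get("system accprofile", {})
    findings = []
    for name, attrs in sorted(tables.get("system admin", {}).items()):
        profile = attrs.get("accprofile", "")
        if profile == "super_admin":
            continue
        level = profiles.get(profile, {}).get("secfabgrp", "none")  # assumed key
        if level != "none":
            findings.append((name, profile, level))
    return findings


# Constructed sample config for demonstration; not taken from any real device.
SAMPLE_CONFIG = """
config system accprofile
    edit "fabric_ops"
        set secfabgrp read-write
        config fwgrp-permission
            set policy read-write
        end
    next
    edit "fabric_ro"
        set secfabgrp read
    next
    edit "noc"
        set secfabgrp none
    next
end
config system admin
    edit "alice"
        set accprofile "fabric_ops"
        set trusthost1 10.0.0.0 255.255.255.0
    next
    edit "bob"
        set accprofile "super_admin"
    next
    edit "carol"
        set accprofile "fabric_ro"
    next
    edit "dave"
        set accprofile "noc"
    next
end
"""

if __name__ == "__main__":
    for v in ("7.4.4", "7.4.7", "7.0.14", "7.0.15"):
        print(f"FortiOS {v}: {'AFFECTED' if is_affected(v) else 'not in affected range'}")
    for admin, profile, level in fabric_admins(SAMPLE_CONFIG):
        print(f"review: admin {admin!r} uses profile {profile!r} (secfabgrp={level})")
```

Run it against a saved "show full-configuration" export by passing the file contents to fabric_admins; accounts it lists are the ones to cut back to the minimum set of administrators while the device is in an affected range, and the version check tells you whether the V7.4.7 remediation in the advisory applies to that branch.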

Evidence notes

Source evidence includes the CISA CSAF entry ICSA-25-044-06, the Siemens ProductCERT advisory SSA-770770 references, and the CVE record. The provided advisory text explicitly describes a Fortinet FortiOS privilege escalation via Security Fabric permission. The remediation text explicitly says to update FortiGate NGFW to V7.4.7. At the same time, the CSAF product tree names Siemens RUGGEDCOM APE1808, creating an internal inconsistency in the supplied corpus. The debrief therefore preserves the CVE description and remediation while flagging the product mapping as unconfirmed from the provided materials.

Official resources

Published by CISA on 2025-02-11 and republished/updated on 2026-03-12 based on Siemens ProductCERT SSA-770770 advisory history. The supplied corpus does not indicate KEV inclusion.