PatchSiren cyber security CVE debrief
CVE-2024-46666 Siemens CVE debrief
CVE-2024-46666 was publicly disclosed in the Siemens ProductCERT/CISA advisory on 2025-02-11 and later republished by CISA on 2026-03-12. The supplied corpus describes a remote unauthenticated denial-of-service condition that can prevent access to the GUI through specially crafted requests to specific endpoints. The advisory metadata ties the issue to Siemens RUGGEDCOM APE1808, but the vulnerability description text references FortiOS versions, so applicability should be verified directly against the Siemens advisory before any operational action.
- Vendor: Siemens
- Product: RUGGEDCOM APE1808
- CVSS: MEDIUM 5.3
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2025-02-11
- Original CVE updated: 2026-03-12
- Advisory published: 2025-02-11
- Advisory updated: 2026-03-12
Who should care
Siemens RUGGEDCOM APE1808 owners, OT/ICS administrators, network and security teams responsible for device management interfaces, and anyone exposing the GUI to untrusted or flat networks.
Technical summary
The advisory text describes a CWE-770 resource-allocation-without-limits condition. In practice, a remote unauthenticated attacker can send specially crafted requests to specific endpoints and cause the GUI to become unavailable. The CVSS vector provided in the source is CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L, indicating network access, no privileges, no user interaction, and limited availability impact. The source corpus is internally inconsistent: the metadata points to Siemens RUGGEDCOM APE1808 and Siemens/CISA advisory identifiers, while the description names FortiOS versions. Treat that mismatch as a validation requirement, not as a resolved fact.
Defensive priority
Medium priority. Address promptly if the management GUI is reachable from broader networks or if the device is operationally critical.
Recommended defensive actions
- Confirm applicability against Siemens ProductCERT advisory SSA-770770 and CISA advisory ICSA-25-044-06 before changing production systems.
- Restrict GUI access to trusted management networks only; use IP allowlisting, VPN, or jump hosts where possible.
- Monitor for repeated or abnormal requests to the affected endpoints and for unexpected GUI unavailability.
- Apply vendor-recommended updates or mitigations once applicability is verified; do not rely on the corrupted product mapping in the supplied corpus alone.
- Segment OT/ICS management traffic and follow CISA defense-in-depth and ICS recommended practices to reduce management-plane exposure.
- Plan a recovery path for GUI unavailability, including out-of-band management and configuration backup validation.
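The monitoring action above can be made concrete with a small log-review script. The following is an added example written for this debrief, not code from Siemens, CISA or the PatchSiren corpus. It parses management-GUI access-log lines in Apache common log format, flags any source that sends a burst of requests to a single endpoint inside a short window, and flags minutes in which most responses were 5xx, which is the visible symptom of the GUI becoming unavailable. The log lines, the IP addresses and the endpoint path `/gui/placeholder-endpoint` are constructed placeholders: the advisory does not name the affected endpoints, so substitute the paths from the official Siemens advisory once applicability is confirmed.

```python
"""Burst and availability check over management-GUI access logs.

Added example for the CVE-2024-46666 debrief; not vendor code.
Log format, addresses and endpoint paths are constructed placeholders.
"""
import re
from collections import defaultdict
from datetime import datetime, timedelta, timezone

# Apache common log format, e.g.
# 203.0.113.7 - - [11/Feb/2025:10:00:01 +0000] "GET /gui/status HTTP/1.1" 200 1024
LOG_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\d+|-)'
)
TS_FMT = "%d/%b/%Y:%H:%M:%S %z"


def parse_line(line):
    """Return a dict for one log line, or None if the line does not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    return {
        "ip": m["ip"],
        "ts": datetime.strptime(m["ts"], TS_FMT),
        "path": m["path"].split("?", 1)[0],  # ignore query string when grouping
        "status": int(m["status"]),
    }


def find_bursts(events, window=timedelta(seconds=60), threshold=20):
    """Map (ip, path) -> peak request count for pairs that reach `threshold`
    requests within any sliding `window`. Repeated hits on one endpoint from
    one source are the pattern the advisory tells operators to watch for."""
    by_key = defaultdict(list)
    for e in events:
        by_key[(e["ip"], e["path"])].append(e["ts"])
    hits = {}
    for key, times in by_key.items():
        times.sort()
        start, best = 0, 0
        for end in range(len(times)):
            while times[end] - times[start] > window:
                start += 1
            best = max(best, end - start + 1)
        if best >= threshold:
            hits[key] = best
    return hits


def find_error_windows(events, min_requests=5, error_ratio=0.5):
    """Return the minute buckets (as datetimes) in which at least `error_ratio`
    of responses were 5xx, given at least `min_requests` responses. Sustained
    5xx on the GUI is the availability symptom to alert on."""
    totals, errors = defaultdict(int), defaultdict(int)
    for e in events:
        bucket = e["ts"].replace(second=0, microsecond=0)
        totals[bucket] += 1
        if 500 <= e["status"] < 600:
            errors[bucket] += 1
    return sorted(
        b for b, n in totals.items()
        if n >= min_requests and errors[b] / n >= error_ratio
    )


def sample_log():
    """Constructed sample: normal admin traffic, one burst, then a degraded minute."""
    base = datetime(2025, 2, 11, 10, 0, 0, tzinfo=timezone.utc)
    lines = []
    for i in range(3):  # routine status polls from an admin host
        t = base + timedelta(seconds=i * 20)
        lines.append(f'198.51.100.4 - - [{t.strftime(TS_FMT)}] "GET /gui/status HTTP/1.1" 200 1024')
    for i in range(25):  # 25 requests to one endpoint in 25 seconds
        t = base + timedelta(seconds=i)
        lines.append(f'203.0.113.7 - - [{t.strftime(TS_FMT)}] "POST /gui/placeholder-endpoint HTTP/1.1" 200 64')
    for i in range(6):  # next minute: GUI mostly answering 503
        t = base + timedelta(seconds=90 + i)
        status = 503 if i < 5 else 200
        lines.append(f'198.51.100.4 - - [{t.strftime(TS_FMT)}] "GET /gui/status HTTP/1.1" {status} 0')
    return lines


if __name__ == "__main__":
    evs = [e for e in map(parse_line, sample_log()) if e]
    for (ip, path), n in find_bursts(evs).items():
        print(f"burst: {ip} -> {path} ({n} requests in 60s)")
    for b in find_error_windows(evs):
        print(f"GUI degraded: {b.isoformat()} (majority 5xx)")
```

The thresholds (20 requests per 60 seconds, half of responses 5xx) are starting points, not tuned values; baseline them against normal admin traffic on the specific device before turning the output into an alert, and run the script against the real access log of whichever appliance the verified advisory actually covers.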
Evidence notes
The source corpus includes a CISA CSAF item and Siemens advisory references, but the vulnerability description is inconsistent with the vendor/product metadata. Specifically, the advisory metadata names Siemens RUGGEDCOM APE1808 and Siemens ProductCERT identifiers (SSA-770770 / ICSA-25-044-06), while the description text references FortiOS versions and a remediation field mentions Fortigate NGFW V7.4.7. Because of this mismatch, the safe interpretation is that the corpus documents a network-reachable GUI denial-of-service issue, but product-specific applicability must be verified directly from the official Siemens advisory pages.
Official resources
- CVE-2024-46666 CVE record (CVE.org)
- CVE-2024-46666 NVD detail (NVD)
- Source item URL (cisa_csaf)
- Source reference (Reference)
Publicly disclosed on 2025-02-11 in the Siemens ProductCERT/CISA advisory set; CISA issued a republication update on 2026-03-12.