PatchSiren cyber security CVE debrief
CVE-2024-5913 Siemens CVE debrief
An improper input validation vulnerability in Palo Alto Networks PAN-OS software enables an attacker with the ability to tamper with the physical file system to elevate privileges. This vulnerability affects the Siemens RUGGEDCOM APE1808 industrial computing platform, which runs Palo Alto Networks Virtual NGFW. The issue requires physical access to the device, limiting remote exploitation risk. The vulnerability was disclosed on July 9, 2024, and has been addressed in Palo Alto Networks Virtual NGFW V11.1.4-h1. Organizations should upgrade affected systems and apply network segmentation controls to reduce exposure.
- Vendor: Siemens
- Product: RUGGEDCOM APE1808
- CVSS: MEDIUM 6.8
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2024-07-09
- Original CVE updated: 2026-01-14
- Advisory published: 2024-07-09
- Advisory updated: 2026-01-14
Who should care
Organizations operating Siemens RUGGEDCOM APE1808 devices with Palo Alto Networks Virtual NGFW in industrial environments, critical infrastructure operators, OT security teams, and asset owners responsible for maintaining secure configurations of industrial network security appliances.
Technical summary
CVE-2024-5913 is an improper input validation vulnerability in Palo Alto Networks PAN-OS software. The vulnerability allows an attacker with physical file system access to elevate privileges. The attack vector is physical (AV:P), with low attack complexity (AC:L) and no privileges required (PR:N). The vulnerability has high impact on confidentiality, integrity, and availability (C:H/I:H/A:H). This affects the Siemens RUGGEDCOM APE1808, an industrial computing platform that runs Palo Alto Networks Virtual NGFW. The vulnerability was remediated in Palo Alto Networks Virtual NGFW V11.1.4-h1. The CVSS v3.1 base score is 6.8 (Medium severity).
Defensive priority
medium
Recommended defensive actions
- Upgrade Palo Alto Networks Virtual NGFW to version V11.1.4-h1 or later. Contact customer support to receive patch and update information.
- Restrict physical access to RUGGEDCOM APE1808 devices to authorized personnel only.
- Implement network segmentation to isolate management interfaces from operational networks.
- Apply defense-in-depth strategies for industrial control systems per CISA guidance.
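The upgrade action above can be checked across an asset inventory. The following is an added example, not code from Siemens, Palo Alto Networks, or this page's source. It assumes version strings follow the `V<major>.<minor>.<maintenance>[-h<hotfix>]` shape of the fixed release named here, and the asset names and installed versions are constructed sample data.

```python
import re

# Fixed release named on this page for Palo Alto Networks Virtual NGFW.
FIXED_VERSION = "V11.1.4-h1"

# Assumed format: optional "V", major.minor.maintenance, optional "-h<N>" hotfix.
_VERSION_RE = re.compile(r"[Vv]?(\d+)\.(\d+)\.(\d+)(?:-h(\d+))?")


def parse_version(text):
    """Return (major, minor, maintenance, hotfix); a missing hotfix counts as 0."""
    match = _VERSION_RE.fullmatch(text.strip())
    if match is None:
        raise ValueError(f"unrecognized version string: {text!r}")
    major, minor, maintenance, hotfix = match.groups()
    return (int(major), int(minor), int(maintenance), int(hotfix or 0))


def needs_upgrade(installed, fixed=FIXED_VERSION):
    """True when the installed version sorts below the fixed release."""
    return parse_version(installed) < parse_version(fixed)


def triage(inventory):
    """Map each asset to 'upgrade', 'ok', or 'review' (version unparseable)."""
    result = {}
    for asset, version in inventory.items():
        try:
            result[asset] = "upgrade" if needs_upgrade(version) else "ok"
        except ValueError:
            # Do not guess: an unreadable version goes to manual review.
            result[asset] = "review"
    return result


# Constructed sample inventory; asset names and versions are illustrative only.
SAMPLE_INVENTORY = {
    "ape1808-substation-a": "11.1.4",
    "ape1808-substation-b": "V11.1.4-h1",
    "ape1808-plant-c": "10.2.9-h3",
    "ape1808-plant-d": "11.1.5",
    "ape1808-lab-e": "unknown",
}

if __name__ == "__main__":
    for asset, status in triage(SAMPLE_INVENTORY).items():
        print(f"{asset}: {status}")
```

Assets reported as `review` need their version confirmed by hand before they are counted as patched.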
Evidence notes
CVE published 2024-07-09. CISA CSAF advisory ICSA-24-193-11 published same date. Advisory revised multiple times through January 2026 to add related CVEs and fix version information. Vendor fix identified as Palo Alto Networks Virtual NGFW V11.1.4-h1.
Official resources
- CVE-2024-5913 CVE record (CVE.org)
- CVE-2024-5913 NVD detail (NVD)
- Source item URL (cisa_csaf)
2024-07-09