CVE-2025-0114 Siemens CVE debrief

Who should care

Organizations operating Siemens RUGGEDCOM APE1808 devices with Palo Alto Networks Virtual NGFW, particularly in industrial and critical infrastructure environments. Security teams responsible for OT/ICS network protection and availability of remote access VPN services.

Technical summary

CVE-2025-0114 is a Denial of Service vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software. An unauthenticated attacker can exploit this vulnerability by sending a large number of specially crafted packets over time to render the GlobalProtect portal and gateway services unavailable. The vulnerability has a CVSS 3.1 score of 5.9 (MEDIUM) with the vector AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H, indicating network attack vector, high attack complexity, no privileges required, no user interaction, unchanged scope, and high availability impact. The vulnerability affects Siemens RUGGEDCOM APE1808 industrial devices running Palo Alto Networks Virtual NGFW. A vendor fix is available in Virtual NGFW V11.1.4-h1.

Defensive priority

medium

Recommended defensive actions

• Upgrade Palo Alto Networks Virtual NGFW to version V11.1.4-h1. Contact customer support to receive patch and update information.
• Configure network segmentation to restrict access to GlobalProtect portal and gateway interfaces from untrusted networks.
• Monitor for anomalous traffic patterns targeting GlobalProtect services, particularly high volumes of specially crafted packets.
• Apply defense-in-depth strategies for industrial control systems as recommended by CISA.

Evidence notes

CVE published 2024-07-09; modified 2026-01-14. Advisory ICSA-24-193-11 republished by CISA on 2026-01-14 as republication of Siemens ProductCERT SSA-364175. CVSS 3.1 vector: AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H.

Official resources