PatchSiren cyber security CVE debrief
CVE-2025-4229 Siemens CVE debrief
CVE-2025-4229 is a medium-severity information disclosure issue reported in CISA advisory ICSA-25-162-02 and tied in the source metadata to Siemens RUGGEDCOM APE1808. The supplied description says an unauthorized user who can intercept packets sent from the firewall through the SD-WAN interface may view unencrypted data. The corpus also contains a product-name mismatch, because the vulnerability text names Palo Alto Networks PAN-OS while the advisory metadata identifies Siemens RUGGEDCOM APE1808, so operators should verify the affected product against the linked Siemens advisory before acting.
- Vendor
- Siemens
- Product
- RUGGEDCOM APE1808
- CVSS
- MEDIUM 6.5
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2025-06-10
- Original CVE updated
- 2026-03-12
- Advisory published
- 2025-06-10
- Advisory updated
- 2026-03-12
Who should care
Siemens RUGGEDCOM APE1808 operators, OT/ICS network defenders, and security teams responsible for SD-WAN paths or packet-capture-capable network segments should review this issue. It matters most where an attacker could intercept traffic traversing the SD-WAN interface.
Technical summary
The supplied CVSS vector indicates a network-reachable confidentiality issue with no integrity or availability impact: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N. In the source description, the vulnerability allows an unauthorized user who can intercept packets from the firewall via the SD-WAN interface to view unencrypted data. The advisory metadata associates the issue with Siemens RUGGEDCOM APE1808, but the vulnerability text itself names Palo Alto Networks PAN-OS; that inconsistency should be validated against the vendor advisory and CISA CSAF record.
Defensive priority
Medium. Prioritize validation and patch planning if the affected product is deployed in environments where SD-WAN traffic could be intercepted, especially in segmented OT/ICS networks.
Recommended defensive actions
- Verify the affected product and version directly against Siemens ProductCERT SSA-513708 and CISA ICSA-25-162-02 before scheduling remediation.
- Contact vendor support to obtain the patch or update information referenced by the advisory, then apply it according to change-control requirements.
- Review SD-WAN traffic paths and reduce opportunities for packet interception through segmentation, trusted network paths, and access controls on monitoring points.
- Audit whether any sensitive data traverses the SD-WAN interface unencrypted and assess exposure in environments where packet capture is possible.
- Track the advisory for later revisions and confirm whether additional products or versions are added by the vendor or CISA.
Evidence notes
Primary evidence comes from the supplied CISA CSAF source item for ICSA-25-162-02, the linked Siemens ProductCERT advisory references, and the CVE.org record link. The corpus explicitly states the packet-interception condition and unencrypted-data exposure, and it also shows a metadata/content mismatch between Siemens RUGGEDCOM APE1808 and a description naming Palo Alto Networks PAN-OS. No KEV entry was provided in the source corpus.
Official resources
-
CVE-2025-4229 CVE record
CVE.org
-
CVE-2025-4229 NVD detail
NVD
-
Source item URL
cisa_csaf
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
Publicly disclosed on 2025-06-10 in CISA advisory ICSA-25-162-02, with subsequent source revisions through 2026-03-12. No CISA KEV listing was provided in the supplied corpus.