PatchSiren cyber security CVE debrief
CVE-2025-4614 Siemens CVE debrief
CVE-2025-4614 is a low-severity information disclosure issue published by CISA on 2025-06-10 and later updated through 2026-03-12. In the supplied advisory corpus, an authenticated administrator can view the session tokens of other users authenticated to the firewall web UI; a token that is still valid can be replayed to impersonate its owner.
- Vendor: Siemens
- Product: RUGGEDCOM APE1808
- CVSS: LOW 3.4
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2025-06-10
- Original CVE updated: 2026-03-12
- Advisory published: 2025-06-10
- Advisory updated: 2026-03-12
Who should care
Security administrators, OT operators, and support teams responsible for the product named in the advisory, especially in environments that grant web UI administrator access broadly or rely on session-based access control.
Technical summary
The supplied advisory data rates this issue CVSS 3.1 3.4 (AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:N/A:N). The vulnerability is an information disclosure condition: a high-privilege authenticated administrator can see session tokens associated with other users authenticated to the web UI. If those tokens remain valid, they could be used to impersonate the affected users. No integrity or availability impact is indicated in the vector.
Defensive priority
Low
Recommended defensive actions
- Restrict CLI and web UI administrative access to a limited set of trusted administrators.
- Contact the vendor/customer support channel referenced in the advisory to obtain patch and update guidance.
- Review whether web UI session handling and administrator privileges are tightly scoped in the affected deployment.
- Monitor for unauthorized access to privileged administrative functions and review session/token management practices.
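The monitoring item above is concrete enough to turn into a detection: a disclosed session token becomes useful to an attacker only when it is presented from a client other than the one that logged in, or after its owner has logged out. The script below is an added example, not the vendor's tooling; it runs over constructed sample log lines in a hypothetical key=value format (the real web UI log format and the `/admin/sessions` endpoint name are assumptions) and flags both conditions, enriching each finding with administrators who listed sessions from the same client address.

```python
import re
from collections import defaultdict

# Constructed sample web UI access log in a hypothetical key=value format (not the
# product's real log format). tok_a1 belongs to alice; an administrator working from
# 10.10.1.50 lists active sessions and then replays alice's token from that host.
SAMPLE_LOG = """\
2025-06-10T09:00:01Z src=10.10.1.20 user=alice session=tok_a1 action=login
2025-06-10T09:05:13Z src=10.10.1.20 user=alice session=tok_a1 action=GET /dashboard
2025-06-10T09:06:40Z src=10.10.1.50 user=admin session=tok_r9 action=login
2025-06-10T09:07:02Z src=10.10.1.50 user=admin session=tok_r9 action=GET /admin/sessions
2025-06-10T09:09:30Z src=10.10.1.50 user=alice session=tok_a1 action=GET /config/export
2025-06-10T09:12:00Z src=10.10.1.20 user=alice session=tok_a1 action=logout
2025-06-10T09:13:45Z src=10.10.1.50 user=alice session=tok_a1 action=GET /config/export
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) src=(?P<src>\S+) user=(?P<user>\S+) session=(?P<tok>\S+) action=(?P<action>.+)$"
)
SESSION_LIST_PATH = "/admin/sessions"  # hypothetical endpoint exposing other users' tokens


def parse_log(text):
    """Parse log lines into dicts. Lines are expected in chronological order."""
    events = []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        m = LINE_RE.match(line)
        if m is None:
            raise ValueError(f"unparseable line: {line!r}")
        events.append(m.groupdict())
    return events


def find_token_misuse(events):
    """Flag tokens presented from a second client address or after logout.

    Each (token, reason) pair is reported once, with the administrators who listed
    sessions from the offending client address recorded as context.
    """
    first_src = {}                       # token -> address that first presented it
    logged_out = set()                   # tokens for which a logout has been seen
    session_viewers = defaultdict(list)  # address -> admins who listed sessions from it
    reported = set()
    findings = []

    def report(e, reason):
        key = (e["tok"], reason)
        if key in reported:
            return
        reported.add(key)
        findings.append({
            "ts": e["ts"], "token": e["tok"], "user": e["user"], "src": e["src"],
            "reason": reason,
            "admin_on_same_client": sorted(set(session_viewers[e["src"]])),
        })

    for e in events:
        tok, src = e["tok"], e["src"]
        if e["action"].endswith(SESSION_LIST_PATH):
            session_viewers[src].append(e["user"])
        if tok not in first_src:
            first_src[tok] = src
        elif src != first_src[tok]:
            report(e, "token used from a second client address")
        if tok in logged_out:
            report(e, "token used after logout")
        if e["action"] == "logout":
            logged_out.add(tok)
    return findings


if __name__ == "__main__":
    for finding in find_token_misuse(parse_log(SAMPLE_LOG)):
        print(finding)
```

On the sample, the 09:09:30 request is flagged as a second-client use of tok_a1 from the same address where `admin` had just listed sessions, and the 09:13:45 request is additionally flagged because alice had already logged out; the second finding is the stronger one, since a token that is still accepted after logout indicates server-side session invalidation is not happening at all.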
Evidence notes
The supplied source item is CISA advisory ICSA-25-162-02, published 2025-06-10 and modified/republished through 2026-03-12. The advisory metadata maps CVE-2025-4614 to Siemens RUGGEDCOM APE1808 and includes remediation guidance to restrict CLI access and contact customer support for patch/update information. The descriptive text in the corpus states that an authenticated administrator may view session tokens of users authenticated to the web UI, enabling impersonation. The corpus also contains a product/description mismatch, because the description text names Palo Alto Networks PAN-OS while the product tree names Siemens RUGGEDCOM APE1808; downstream users should verify against the linked official advisory pages.
Official resources
- CVE-2025-4614 CVE record (CVE.org)
- CVE-2025-4614 NVD detail (NVD)
- Source item URL: cisa_csaf
Publicly disclosed in CISA ICS advisory ICSA-25-162-02 on 2025-06-10, with later republication updates through 2026-03-12. No CISA KEV listing is indicated in the supplied enrichment data.