CVE-2025-47295 Siemens CVE debrief

Who should care

Organizations operating Siemens RUGGEDCOM APE1808 industrial platforms with FortiGate NGFW components, particularly in critical infrastructure and OT environments where management plane availability is essential.

Technical summary

The vulnerability exists in the FortiOS FGFM daemon, which handles communication between FortiGate devices and FortiManager. A buffer over-read can be triggered by a specially crafted network request, resulting in daemon crash and loss of management connectivity. Attack complexity is high due to rare conditions required for successful exploitation. The vulnerability affects the FortiGate NGFW component within the Siemens RUGGEDCOM APE1808 platform.

Defensive priority

routine

Recommended defensive actions

• Contact Siemens customer support to obtain patch and update information for FortiGate NGFW version 7.4.4
• Apply the vendor fix to affected RUGGEDCOM APE1808 deployments
• Monitor CISA ICS advisories for updates to ICSA-24-193-02
• Review ICS-CERT recommended practices for defense-in-depth strategies
• Assess network segmentation to limit exposure of FGFM daemon interfaces

Evidence notes

The vulnerability description and remediation details are sourced from CISA CSAF advisory ICSA-24-193-02, which tracks upstream FortiOS vulnerabilities affecting the Siemens RUGGEDCOM APE1808 platform. The CVSS 3.1 vector (AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L) indicates network attack vector with high attack complexity, no privileges required, and low availability impact. The advisory revision history confirms CVE-2025-47295 was added in Revision 7 dated 2025-06-10.

Official resources