PatchSiren cyber security CVE debrief
CVE-2025-55018 Siemens CVE debrief
CVE-2025-55018 describes an unauthenticated HTTP request smuggling issue in Fortinet FortiOS that can let an attacker send a specially crafted request through firewall policy handling without it being logged. The advisory rates it CVSS 5.8 (medium) and indicates that the main concern is improper request interpretation rather than code execution or service outage. The supplied remediation is to update FortiGate NGFW to version 7.4.10 or later. The CISA advisory context was published on 2026-03-10, with republished updates noted through 2026-05-14.
- Vendor: Siemens
- Product: RUGGEDCOM APE1808
- CVSS: MEDIUM 5.8
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-03-10
- Original CVE updated: 2026-05-14
- Advisory published: 2026-03-10
- Advisory updated: 2026-05-14
Who should care
FortiOS and FortiGate administrators, network security teams, and defenders responsible for perimeter logging and policy enforcement should review this issue. It is especially relevant where Fortinet devices are used as inspection or policy gateways and where unlogged traffic would reduce detection or audit visibility.
Technical summary
The source description says an inconsistent interpretation of HTTP requests can allow request smuggling via a specially crafted header. The attacker does not need authentication, and the impact described is that an HTTP request may pass through firewall policies without being logged. The supplied CVSS vector is CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N, which aligns with a network-reachable issue that primarily affects integrity and monitoring rather than confidentiality or availability.
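The advisory only says "a specially crafted header" and does not name it. The example below is added here and is not part of the debrief, the CVE record or any Fortinet code; it assumes the general request smuggling mechanism (two HTTP parsers disagreeing on where a message ends) and applies the RFC 9112 framing rules as a log-side sanity check: a request carrying both Content-Length and Transfer-Encoding, conflicting Content-Length values, a non-numeric length, a Transfer-Encoding that does not end in chunked, or whitespace between a header name and its colon is reported as ambiguous. The sample requests are constructed.

```python
"""Flag HTTP/1.1 requests whose message-framing headers are ambiguous.

Added example, not from PatchSiren, Fortinet or CISA. It assumes the generic
request-smuggling mechanism (parser disagreement on message framing) and the
RFC 9112 rules for Content-Length / Transfer-Encoding; the sample requests
below are constructed test data.
"""

from __future__ import annotations


def split_headers(raw: bytes) -> tuple[str, list[tuple[str, str]]]:
    """Return (request line, [(name, value), ...]) for the header block of raw."""
    head = raw.split(b"\r\n\r\n", 1)[0].decode("latin-1")
    lines = head.split("\r\n")
    request_line, headers = lines[0], []
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if not sep:
            headers.append((line, ""))  # malformed line without a colon, kept so it can be flagged
            continue
        headers.append((name, value.strip()))
    return request_line, headers


def framing_anomalies(raw: bytes) -> list[str]:
    """Return human-readable reasons why the request's framing is ambiguous (empty if clean)."""
    _, headers = split_headers(raw)
    reasons: list[str] = []
    content_lengths: list[str] = []
    transfer_encodings: list[str] = []
    for name, value in headers:
        if name != name.rstrip():
            # RFC 9112 s5.1: whitespace between field name and colon must be rejected
            reasons.append(f"whitespace between header name and colon: {name!r}")
        key = name.strip().lower()
        if key == "content-length":
            content_lengths.append(value)
        elif key == "transfer-encoding":
            transfer_encodings.append(value)
    if content_lengths and transfer_encodings:
        # RFC 9112 s6.1: a message with both is ill-formed; intermediaries may disagree on framing
        reasons.append("both Content-Length and Transfer-Encoding present")
    if len(set(content_lengths)) > 1:
        reasons.append(f"conflicting Content-Length values: {content_lengths}")
    for length in content_lengths:
        if not length.isdigit():
            reasons.append(f"non-numeric Content-Length: {length!r}")
    for encoding in transfer_encodings:
        codings = [c.strip().lower() for c in encoding.split(",")]
        if codings[-1] != "chunked":
            # chunked must be the final coding for a request body to be framed unambiguously
            reasons.append(f"Transfer-Encoding does not end with chunked: {encoding!r}")
    return reasons


def scan(requests: dict[str, bytes]) -> dict[str, list[str]]:
    """Run framing_anomalies over a batch and keep only the entries that were flagged."""
    return {label: found for label, raw in requests.items() if (found := framing_anomalies(raw))}


# Constructed sample requests (not captured traffic).
CLEAN_REQUEST = (
    b"POST /api HTTP/1.1\r\nHost: gw.example.test\r\n"
    b"Content-Length: 5\r\n\r\nhello"
)
AMBIGUOUS_REQUEST = (
    b"POST /api HTTP/1.1\r\nHost: gw.example.test\r\n"
    b"Content-Length: 5\r\nTransfer-Encoding: chunked\r\n\r\n0\r\n\r\n"
)
DUPLICATE_CL_REQUEST = (
    b"POST /api HTTP/1.1\r\nHost: gw.example.test\r\n"
    b"Content-Length: 5\r\nContent-Length: 7\r\n\r\nhello"
)

if __name__ == "__main__":
    for label, reasons in scan({
        "clean": CLEAN_REQUEST,
        "cl-and-te": AMBIGUOUS_REQUEST,
        "duplicate-cl": DUPLICATE_CL_REQUEST,
    }).items():
        print(label, "->", "; ".join(reasons))
```

The checker is a triage aid for captured or replayed requests, not a replacement for the vendor fix: a gateway that logs only what its own parser framed as the request is exactly the blind spot the advisory describes, so run it against traffic captured upstream of the device where possible.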
Defensive priority
Medium. This is not described as a remote code execution or denial-of-service issue, but it is network-reachable, unauthenticated, and can undermine logging and policy enforcement. Prioritize it if affected FortiOS/FortiGate devices are internet-facing or sit in sensitive trust boundaries.
Recommended defensive actions
- Upgrade FortiGate NGFW to version 7.4.10 or later, per the supplied remediation guidance.
- Inventory FortiOS/FortiGate deployments against the affected version ranges listed in the advisory.
- Review logging and monitoring coverage on affected gateways to detect any missing or anomalous HTTP policy events.
- Use the official Siemens/CISA advisory references to confirm the correct remediation path for your specific device model and release track.
- Treat the source metadata carefully: the supplied advisory record contains a Fortinet FortiOS description but also mismatched Siemens RUGGEDCOM product metadata.
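The inventory step above is mechanical but easy to get wrong by hand, because the affected ranges mix whole branches (7.2, 7.0) with bounded patch ranges (7.4.0 through 7.4.9, 6.4.3 through 6.4.16) and a single release (7.6.0). The script below is an added example, not PatchSiren, Fortinet, Siemens or CISA tooling; the ranges are copied from the CVE description quoted in this debrief, the device names and versions are constructed, and because the advisory names only 7.4.10 or later as a fixed release, anything outside the listed ranges is reported as "not in listed ranges" rather than "fixed".

```python
"""Triage a FortiOS version inventory against the ranges quoted in this debrief.

Added example, not from PatchSiren, Fortinet, Siemens or CISA. AFFECTED_RANGES
is transcribed from the CVE description; SAMPLE_INVENTORY is constructed.
"""

import re

# (major, minor) branch, then inclusive patch bounds; None bounds mean "all versions".
AFFECTED_RANGES = [
    ((7, 6), 0, 0),        # 7.6.0
    ((7, 4), 0, 9),        # 7.4.0 through 7.4.9 (7.4.10 or later is the stated remediation)
    ((7, 2), None, None),  # 7.2 all versions
    ((7, 0), None, None),  # 7.0 all versions
    ((6, 4), 3, 16),       # 6.4.3 through 6.4.16
]

VERSION_RE = re.compile(r"^v?(\d+)\.(\d+)\.(\d+)$", re.IGNORECASE)


def parse_version(text):
    """Parse 'v7.4.8' or '7.4.8' into (7, 4, 8); reject anything that is not major.minor.patch."""
    match = VERSION_RE.match(text.strip())
    if not match:
        raise ValueError(f"unrecognised FortiOS version string: {text!r}")
    return tuple(int(part) for part in match.groups())


def is_affected(version):
    """True if the version falls inside one of the ranges listed in the CVE description."""
    major, minor, patch = parse_version(version)
    for branch, low, high in AFFECTED_RANGES:
        if (major, minor) != branch:
            continue
        if low is None:  # whole branch is listed as affected
            return True
        return low <= patch <= high
    return False


def triage(inventory):
    """Map device name -> 'AFFECTED', 'not in listed ranges', or 'unparseable'."""
    result = {}
    for device, version in inventory.items():
        try:
            result[device] = "AFFECTED" if is_affected(version) else "not in listed ranges"
        except ValueError:
            # A version string the script cannot read still needs a human to look at it.
            result[device] = "unparseable"
    return result


# Constructed sample data, not a real deployment.
SAMPLE_INVENTORY = {
    "fw-edge-01": "7.4.8",
    "fw-dc-02": "v7.4.10",
    "fw-branch-03": "7.2.11",
    "fw-lab-04": "6.4.17",
    "fw-old-05": "6.4.3",
    "fw-unknown-06": "7.4",
}

if __name__ == "__main__":
    for device, status in sorted(triage(SAMPLE_INVENTORY).items()):
        print(f"{device:16} {SAMPLE_INVENTORY[device]:10} {status}")
```

Feed it the version column exported from your device management system; the "unparseable" bucket catches entries such as build strings or missing patch numbers that a naive string comparison would silently misclassify.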
Evidence notes
Evidence comes from the supplied CISA CSAF source item and its linked official references. The CVE description states: FortiOS 7.6.0, 7.4.0 through 7.4.9, 7.2 all versions, 7.0 all versions, and 6.4.3 through 6.4.16 may allow an unauthenticated attacker to smuggle an unlogged HTTP request through firewall policies via a specially crafted header. The advisory metadata also includes the remediation 'Update Fortigate NGFW to V7.4.10 or later version.' Timing should be read from the CVE/source published dates (2026-03-10) and modified dates (2026-05-14), not from any generation or review time. Note: the supplied record contains an internal product/vendor mismatch, listing Siemens RUGGEDCOM APE1808 metadata alongside a Fortinet FortiOS vulnerability description and remediation guidance.
Official resources
- CVE-2025-55018 CVE record (CVE.org)
- CVE-2025-55018 NVD detail (NVD)
- Source item URL (cisa_csaf)
- Source reference (Reference)
Public advisory information was published on 2026-03-10 and later updated through 2026-05-14 in the supplied source timeline. This debrief is based only on the provided official advisory data and references.