PatchSiren

PatchSiren cyber security CVE debrief

CVE-2025-62439 Siemens CVE debrief

CVE-2025-62439 is a Fortinet FortiOS authorization issue tied to improper verification of the source of a communication channel (CWE-940). According to the supplied advisory text, an authenticated user who understands FSSO policy configurations may be able to use crafted requests to reach protected network resources. The source rates the issue CVSS 4.2 (Medium).

Vendor: Siemens
Product: RUGGEDCOM APE1808
CVSS: MEDIUM 4.2
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-03-10
Original CVE updated: 2026-05-14
Advisory published: 2026-03-10
Advisory updated: 2026-05-14

Who should care

Fortinet FortiOS administrators, especially teams using FSSO policy configurations and protecting sensitive internal resources. Security operations and network teams should also review affected appliances running FortiOS 7.6.0-7.6.4, 7.4.0-7.4.9, 7.2.x, or 7.0.x.

Technical summary

The advisory describes an improper verification of channel source that can weaken authorization decisions in FortiOS. The stated attack path requires an authenticated user with knowledge of FSSO policy configurations, after which crafted requests may lead to unauthorized access to protected network resources. The supplied remediation guidance calls for updating Fortigate NGFW to v7.4.10 or later, using FSSO TS Agent version 5.0 build 0324 or later, and contacting customer support for patch/update details. The published CVSS vector in the source is CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N.

Defensive priority

Medium

Recommended defensive actions

  • Inventory Fortinet FortiOS devices and confirm whether any run versions 7.6.0-7.6.4, 7.4.0-7.4.9, 7.2.x, or 7.0.x.
  • Prioritize upgrading to a vendor-fixed release; the supplied remediation specifically names Fortigate NGFW v7.4.10 or later and FSSO TS Agent 5.0 build 0324 or later.
  • Validate FSSO policy configurations and restrict access to administrative and policy-management functions.
  • Review authentication, policy, and access logs for unusual crafted-request patterns involving authenticated users.
  • Coordinate with Fortinet/customer support for branch-specific patch guidance if your deployment is on a version family not explicitly covered by the supplied fix note.
  • Apply general ICS/network defense-in-depth practices and least-privilege controls around protected network resources.
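As an added illustration of the inventory and upgrade steps above (example code written for this debrief, not from the advisory, Fortinet, or PatchSiren), the following Python encodes the affected FortiOS ranges and the fix levels named in this debrief and triages a constructed inventory of version strings; the host names, the sample versions, and the status labels are assumptions.

```python
# Added example: classify FortiOS versions against the ranges this debrief lists
# as affected, and check the FSSO TS Agent level named in the remediation guidance.
import re
from typing import List, Optional, Tuple

# Affected ranges as stated in the debrief: 7.6.0-7.6.4, 7.4.0-7.4.9, 7.2.x, 7.0.x.
# (major, minor) -> (lowest patch, highest patch); None means the whole branch.
AFFECTED_FORTIOS = {
    (7, 6): (0, 4),
    (7, 4): (0, 9),
    (7, 2): (0, None),
    (7, 0): (0, None),
}
FIXED_FORTIOS = (7, 4, 10)     # "v7.4.10 or later" from the supplied remediation
FIXED_TS_AGENT = (5, 0, 324)   # "FSSO TS Agent 5.0 build 0324 or later"


def parse_fortios(version: str) -> Optional[Tuple[int, ...]]:
    """Parse 'v7.4.9' or '7.4.9' into (major, minor, patch); None if malformed."""
    m = re.fullmatch(r"v?(\d+)\.(\d+)\.(\d+)", version.strip())
    return tuple(int(g) for g in m.groups()) if m else None


def fortios_status(version: str) -> str:
    """Return 'affected', 'fixed', 'not-listed' or 'unknown' for one version string."""
    v = parse_fortios(version)
    if v is None:
        return "unknown"
    major, minor, patch = v
    branch = AFFECTED_FORTIOS.get((major, minor))
    if branch is not None:
        lo, hi = branch
        if lo <= patch and (hi is None or patch <= hi):
            return "affected"
    if (major, minor) == FIXED_FORTIOS[:2] and patch >= FIXED_FORTIOS[2]:
        return "fixed"
    # Outside the stated ranges and not the named fix: confirm branch guidance with vendor.
    return "not-listed"


def ts_agent_status(version: str, build: int) -> str:
    """'ok' if the TS Agent is at or above 5.0 build 0324, else 'upgrade'."""
    m = re.fullmatch(r"(\d+)\.(\d+)", version.strip())
    if m is None:
        return "unknown"
    major, minor = (int(g) for g in m.groups())
    return "ok" if (major, minor, build) >= FIXED_TS_AGENT else "upgrade"


def triage(inventory: List[Tuple[str, str]]) -> List[Tuple[str, str, str]]:
    """Attach a status to each (host, version) pair of an inventory."""
    return [(host, ver, fortios_status(ver)) for host, ver in inventory]


# Constructed sample inventory; host names and versions are assumptions.
SAMPLE_INVENTORY = [("fgt-edge-01", "v7.4.9"), ("fgt-edge-02", "v7.4.10"),
                    ("fgt-dc-01", "7.2.11"), ("fgt-lab-01", "7.6.5")]

if __name__ == "__main__":
    for host, ver, status in triage(SAMPLE_INVENTORY):
        print(f"{host:12} {ver:8} {status}")
```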

Evidence notes

The advisory content in the supplied CSAF and CISA references consistently describes a Fortinet FortiOS/CWE-940 issue affecting FSSO policy handling. However, the source item metadata labels the product as "Siemens RUGGEDCOM APE1808 vers:all/*", which conflicts with the advisory title, description, and remediation text. That metadata mismatch should be treated as a cataloging inconsistency and reviewed. Timing in this debrief follows the supplied CVE published/modified dates: 2026-03-10 publication and 2026-05-14 update.

Official resources

Publicly disclosed in CISA ICS Advisory ICSA-26-071-02 on 2026-03-10 and updated on 2026-05-14. The supplied source corpus republishes Siemens ProductCERT advisory SSA-975644.