PatchSiren cyber security CVE debrief
CVE-2025-64157 Siemens CVE debrief
The supplied advisory data describes an externally controlled format string issue that could let an authenticated admin execute unauthorized code or commands through a specially crafted configuration. Defensive handling should focus on privilege review, configuration-change controls, and vendor patch validation. Important: the corpus contains a product mismatch—CISA metadata names Siemens RUGGEDCOM APE1808, while the vulnerability text and remediation point to Fortinet FortiOS/FortiGate—so treat this record as needing manual verification before remediation planning.
- Vendor: Siemens
- Product: RUGGEDCOM APE1808
- CVSS: MEDIUM 6.7
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-03-10
- Original CVE updated: 2026-05-14
- Advisory published: 2026-03-10
- Advisory updated: 2026-05-14
Who should care
Fortinet/FortiGate administrators, OT and industrial-network defenders consuming CISA ICS advisories, and incident responders validating whether the affected FortiOS branches are present in their environment.
Technical summary
The source description identifies a "use of externally controlled format string" weakness. The supplied CVSS vector (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H) indicates a local, high-privilege, no-user-interaction issue with high confidentiality, integrity and availability impact, reachable only once an attacker already holds authenticated admin access. The corpus also shows an internal advisory inconsistency: the CISA CSAF metadata lists Siemens RUGGEDCOM APE1808, but the text, references, and remediation describe Fortinet FortiOS/FortiGate NGFW versions and updates.
Defensive priority
Medium. The issue requires authenticated administrative privileges, but the potential for unauthorized code or command execution warrants prompt validation and patch planning in environments that match the affected FortiOS branches.
Recommended defensive actions
- Verify whether any devices run the affected FortiOS branches listed in the advisory text before taking action.
- Cross-check the CISA CSAF and the referenced vendor advisory because the supplied corpus contains a Siemens/Fortinet product mismatch.
- If affected, follow the vendor remediation path and update FortiGate NGFW to V7.4.10 or later, or use the vendor-supported fix for the relevant branch.
- Review and restrict administrative access, enforce strong change control for configuration updates, and audit privileged actions on management interfaces.
- Apply CISA ICS recommended practices and defense-in-depth guidance for OT/industrial environments.
Evidence notes
Based on CISA CSAF ICSA-26-071-02, published 2026-03-10 and last updated 2026-05-14 in the supplied timeline and revision history. The corpus references Siemens ProductCERT SSA-975644, but the vulnerability description and remediation text refer to Fortinet FortiOS/FortiGate. Because of this mismatch, the record should be validated against the official vendor advisory before remediation.
Official resources
- CVE-2025-64157 CVE record (CVE.org)
- CVE-2025-64157 NVD detail (NVD)
- Source item URL (cisa_csaf)
CISA published the advisory on 2026-03-10 and republished it on 2026-05-14. The supplied corpus should be treated as needing manual review because its product metadata and vulnerability text do not align cleanly.