The Download
While we typically associate firewalls and VPNs with corporate networks, Siemens revealed its Ruggedcom APE1808 device is vulnerable to the severe vulnerability CVE-2024-3400 in Palo Alto Networks Global Protect VPN. The device is used on edge networks in industrial control systems. Siemens included the Palo Alto Networks Global Protect software in the device for remote access. This vulnerability was added to the CISA Known Exploitable Vulnerability (KEV) list because of active exploitation and the severity of the flaw.
One takeaway is that vulnerabilities in common security software make their way into critical infrastructure such as industrial control, making these systems vulnerable to attack from foreign adversaries.
What You Can Do
If you manage industrial control networks and have this Siemens device in operation, be sure to immediately shutdown the remote access and then patch it. It is important for plant operators to continuously monitor the security of their networks, especially since many provide remote login capabilities.
To Learn More: