Summary
A buffer overflow vulnerability in the User-ID™ Authentication Portal (aka Captive Portal) service of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to execute arbitrary code with root privileges on the PA-Series and VM-Series firewalls by sending specially crafted packets. Siemens is preparing fix versions and recommends countermeasures for products where fixes are not, or not yet available. Customers are advised to consult and implement the workarounds provided in Palo Alto Networks’ upstream security notifications. [1] https://security.paloaltonetworks.com/
The following versions of Siemens RUGGEDCOM APE1808 Devices are affected:
- RUGGEDCOM APE1808 vers:all/* (CVE-2026-0300)
| CVSS | Vendor | Equipment | Vulnerabilities |
|---|---|---|---|
| v3 10 | Siemens | Siemens RUGGEDCOM APE1808 Devices | Out-of-bounds Write |
Background
- Critical Infrastructure Sectors: Critical Manufacturing
- Countries/Areas Deployed: Worldwide
- Company Headquarters Location: Germany
Vulnerabilities
CVE-2026-0300
A buffer overflow vulnerability in the User-ID™ Authentication Portal (aka Captive Portal) service of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to execute arbitrary code with root privileges on the PA-Series and VM-Series firewalls by sending specially crafted packets.
Affected Products
Siemens RUGGEDCOM APE1808 Devices
Siemens
RUGGEDCOM APE1808
known_affected
Remediations
Mitigation
Disable Response Pages in the Interface Management Profile attached to every L3 interface in any zone where untrusted/internet traffic can ingress. Keep Response Pages enabled only on interfaces in trust/internal zones where legitimate users’ browsers ingress
Mitigation
Disable User-ID™ Authentication Portal if not required
Mitigation
Restrict access to the User-ID Authentication Portal to trusted internal IP addresses only
Vendor fix
Contact customer support to receive patch and update information
Relevant CWE: CWE-787 Out-of-bounds Write
Metrics
| CVSS Version | Base Score | Base Severity | Vector String |
|---|---|---|---|
| 3.1 | 10 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H |
Acknowledgments
- Siemens ProductCERT reported this vulnerability to CISA.
General Recommendations
As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens’ operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity
Additional Resources
For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Terms of Use
The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.
Legal Notice and Terms of Use
Thi
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
Read the original article: