IronMonkey Threat Research

Siemens RUGGEDCOM APE1808 Devices

CRITICAL
CVSS 10.0
Date 2026-05-19T06:00:00+00:00
Source cisa-csaf
Published by CISA

// Description

A buffer overflow vulnerability in the User-ID™ Authentication Portal (aka Captive Portal) service of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to execute arbitrary code with root privileges on the PA-Series and VM-Series firewalls by sending specially crafted packets. Siemens is preparing fix versions and recommends countermeasures for products where fixes are not, or not yet, available. Customers are advised to consult and implement the workarounds provided in Palo Alto Networks' upstream security notifications [1].

[1] https://security.paloaltonetworks.com/

// Vulnerabilities (1)

CVE ID: CVE-2026-0300
CVSS Score: 10.0
Severity: critical
Description: A buffer overflow vulnerability in the User-ID™ Authentication Portal (aka Captive Portal) service of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to execute arbitrary code with root privileges on the PA-Series and VM-Series firewalls by sending specially crafted packets.

// Remediations (4)

Mitigation: Disable Response Pages in the Interface Management Profile attached to every L3 interface in any zone where untrusted/internet traffic can ingress. Keep Response Pages enabled only on interfaces in trust/internal zones where legitimate users' browsers ingress.
Patch: Contact customer support to receive patch and update information.
Mitigation: Disable User-ID™ Authentication Portal if not required.
Mitigation: Restrict access to the User-ID Authentication Portal to trusted internal IP addresses only.

// References