New Critical ICS Vulnerabilities - 20260313003

Overview

CISA has released advisories for Industrial Control Systems (ICS) related vendors.

What is vulnerable?

Critical Severity

Vendor	CVE	CVSS
Siemens	CVE-2026-24858	9.8

Please note: Fortinet has published information on vulnerabilities in FORTIOS. This advisory lists the related Siemens Industrial products. Siemens has released a new version for RUGGEDCOM APE1808 and recommends to update to the latest version.

Recommendation

The WASOC recommends administrators apply the solutions as per vendor instructions to all affected devices within expected timeframes (refer Patch Management):

• SIEMENS: https://cert-portal.siemens.com/productcert/html/ssa-975644.html

Additional References

• CISA: https://www.cisa.gov/news-events/ics-advisories/icsa-26-071-02