SecurityWeek reports that Siemens confirmed that its Ruggedcom APE1808 devices configured with a Palo Alto Networks virtual next-generation firewall may be impacted by the actively exploited Palo Alto Networks firewall vulnerability, tracked as CVE-2024-3400.
Such a development comes after attacks leveraging the flaw to facilitate arbitrary command execution and privilege escalation on vulnerable firewalls escalated during the past week amid the release of a proof-of-concept code. Volexity researchers noted that intrusions exploiting the bug commenced on March 26 and may have been conducted by state-backed attackers. Aside from leveraging breached firewalls to facilitate network and data compromise, threat actors have also used the flaw for backdoor distribution.
Meanwhile, nearly 6,000 internet-exposed devices were discovered by the Shadowserver Foundation to still be impacted by the vulnerability a week after updates remediating the security issue were released by Palo Alto Networks.
