Cyber·Monitoring
Shai-Hulud Supply-Chain Attack Trojanizes 19 PyPI Packages
PyPI repository (global online service)· Global4 Jun
5 reportsPROPCYCAS
MediumAI Refreshed
ClosedMedium impactAI Generated
Critical Buffer Overflow Vulnerability in Siemens RUGGEDCOM APE1808 Devices (CVE-2026-0300)
Occurred 12 May 2026·Detected 23 May 2026·
Worldwide deployment; vendor headquartered in Germany. Affects critical manufacturing infrastructure globally.2 reportsEnded 29 May 2026
CyberProperty
A critical CVSS 10.0 buffer overflow vulnerability in Palo Alto Networks PAN-OS software affects Siemens RUGGEDCOM APE1808 industrial firewall devices deployed worldwide in critical manufacturing infrastructure. An unauthenticated remote attacker can exploit the User-ID Authentication Portal to execute arbitrary code with root privileges. No vendor fix is currently available; Siemens recommends workarounds including disabling Response Pages and restricting portal access.
AI-generated from linked source reports. See our correction policy.
Impact verdict
Medium impact. MEDIUM: Second-pass historical recalibration. This cyber advisory or vulnerability item is relevant to Cyber and technology-dependent Property/Casualty books, but it does not evidence confirmed insured loss, claims activity, ransomware/business interruption, critical infrastructure outage, or quantified market impact sufficient for HIGH.
View assessment methodologyHow we grade what we know -- Known · Reported · Uncertain. Methodology →
Timeline
Status Change2 Jun 2026, 13:05
Lifecycle changed
monitoring → closed
Closure2 Jun 2026, 13:05
Event Closed
auto_closed_monitoring_timeout
Status Change29 May 2026, 05:30
Status changed to monitoring
Auto-transitioned: no updates for 6 hours
active → monitoring
Status Change28 May 2026, 22:34
Status changed to active
evidence_trigger: authoritative_fast_track
signal → active
De-escalation25 May 2026, 17:12
Impact changed
high → medium
Corroboration23 May 2026, 21:24
CISA has published an ICS advisory disclosing multiple critical and high-severity vulnerabilities in Siemens Ruggedcom Rox devices (all versions prior to v2.17.1). The advisory covers 35 CVEs spanning uncontrolled recursion, integer underflows, out-of-bounds reads/writes, stack and heap buffer overflows, path traversal, use-after-free, and weak hash usage. The highest CVSS score is 9.8 (Critical). Ruggedcom Rox devices are ruggedized networking equipment deployed in critical infrastructure environments including energy, utilities, and industrial control systems. Siemens has released version 2.17.1 as a fix. Devices are deployed worldwide with company headquarters in Germany.
Source: CISA Advisories (Official Advisory) · View source
Initial Detection23 May 2026, 21:14
Initial Detection
A critical CVSS 10.0 buffer overflow vulnerability in Palo Alto Networks PAN-OS software affects Siemens RUGGEDCOM APE1808 industrial firewall devices deployed worldwide in critical manufacturing infrastructure. An unauthenticated remote attacker can exploit the User-ID Authentication Portal to execute arbitrary code with root privileges. No vendor fix is currently available; Siemens recommends workarounds including disabling Response Pages and restricting portal access.
A buffer overflow vulnerability in the User-ID™ Authentication Portal (aka Captive Portal) service of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to execute arbitrary code with root privileges on the PA-Series and VM-Series firewalls by sending specially crafted packets. CVSS v3 Base Score: 10 CRITICAL
Source: CISA Advisories (Official Advisory) · View source
Lloyd's classifications
Tracking this kind of risk? Get an email when Cyber events escalate.
Get alerts