PatchSiren cyber security CVE debrief
CVE-2021-47178 Siemens CVE debrief
This CVE addresses a Linux kernel vulnerability in the SCSI target core subsystem where `smp_processor_id()` was incorrectly called in a preemptible code context. The vulnerability was resolved by avoiding this unsafe pattern. Siemens TIM 1531 IRC industrial communication devices are affected because they run an embedded Linux kernel. The issue has a local attack vector, requires low privileges, and can lead to high availability impact (denial of service). A vendor fix is available: update to version 2.4.8 or later.
- Vendor: Siemens
- Product: SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0)
- CVSS: MEDIUM 5.5
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2024-06-11
- Original CVE updated: 2024-07-09
- Advisory published: 2024-06-11
- Advisory updated: 2024-07-09
Who should care
Organizations operating Siemens TIM 1531 IRC (6AG1543-1MX00-7XE0) or TIM 1531 IRC (6GK7543-1MX00-0XE0) industrial communication devices in OT/ICS environments. System administrators responsible for firmware lifecycle management in industrial control systems. Security teams monitoring Linux kernel vulnerabilities affecting embedded industrial devices.
Technical summary
CVE-2021-47178 is a Linux kernel vulnerability in the SCSI target core subsystem where `smp_processor_id()` was invoked in preemptible code, violating kernel preemption safety rules. This can trigger kernel warnings or crashes under specific scheduling conditions, resulting in denial of service. The vulnerability affects Siemens TIM 1531 IRC industrial communication modules, which use embedded Linux. The CVSS 3.1 score of 5.5 (MEDIUM) reflects a local attack vector, low attack complexity, low privileges required, and high availability impact with no confidentiality or integrity impact. Siemens has released firmware version 2.4.8 to address this issue.
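On kernels built with `CONFIG_DEBUG_PREEMPT`, this class of bug is reported in the kernel log in a fixed format, so collected logs from embedded Linux systems can be searched for it. The script below is an added example, not code from Siemens, CISA or the kernel project; it matches any function named in such a report, and the sample log, `example_mod` and its symbols are constructed for illustration.

```python
import re

# Report format of the kernel's CONFIG_DEBUG_PREEMPT check (lib/smp_processor_id.c).
BUG_RE = re.compile(
    r"BUG: using (?P<func>\w+)\(\) in preemptible "
    r"\[(?P<count>[0-9a-f]{8})\] code: (?P<comm>.+)/(?P<pid>\d+)\s*$"
)
# The following line names the call site: symbol+offset/size, then [module] if modular.
CALLER_RE = re.compile(
    r"caller is (?P<symbol>[\w.]+)\+0x[0-9a-f]+/0x[0-9a-f]+(?: \[(?P<module>\w+)\])?"
)

# Constructed sample; example_mod and its symbols are hypothetical, not from the advisory.
SAMPLE_LOG = """\
[  812.104233] example_mod: device registered
[  812.339104] BUG: using smp_processor_id() in preemptible [00000000] code: kworker/3:1/217
[  812.339131] caller is example_submit_cmd+0x1c/0x90 [example_mod]
[  812.339140] CPU: 3 PID: 217 Comm: kworker/3:1 Not tainted
[  901.551020] BUG: using smp_processor_id() in preemptible [00000000] code: sh/1042
[  901.551038] caller is example_builtin_stat+0x8/0x40
"""


def find_preempt_bugs(log_text):
    """Return one dict per report, paired with its 'caller is' line when present."""
    lines = log_text.splitlines()
    findings = []
    for i, line in enumerate(lines):
        bug = BUG_RE.search(line)
        if not bug:
            continue
        finding = {"func": bug["func"], "comm": bug["comm"], "pid": int(bug["pid"]),
                   "caller": None, "module": None}
        # Look a few lines ahead, but never borrow the caller of a later report.
        for nxt in lines[i + 1:i + 4]:
            if BUG_RE.search(nxt):
                break
            caller = CALLER_RE.search(nxt)
            if caller:
                finding["caller"], finding["module"] = caller["symbol"], caller["module"]
                break
        findings.append(finding)
    return findings


if __name__ == "__main__":
    for f in find_preempt_bugs(SAMPLE_LOG):
        print(f"{f['func']}() at {f['caller'] or 'unknown'} "
              f"({f['module'] or 'built-in'}), task {f['comm']}/{f['pid']}")
```

Kernels built without `CONFIG_DEBUG_PREEMPT` do not emit this report, so an empty result does not show that a kernel is free of the pattern.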
Defensive priority
medium
Recommended defensive actions
- Apply vendor firmware update to version 2.4.8 or later for affected Siemens TIM 1531 IRC devices
- Review and implement CISA ICS recommended practices for defense-in-depth strategies
- Monitor Siemens ProductCERT advisories for additional security updates
- Assess network segmentation for affected industrial control systems to limit local attack surface
- Verify kernel configurations on embedded Linux systems for similar preemptibility issues
Evidence notes
The vulnerability description indicates a kernel-level fix for improper use of `smp_processor_id()` in preemptible contexts within the SCSI target core. CISA CSAF advisory ICSA-24-165-06 confirms Siemens TIM 1531 IRC products are affected. CVSS 3.1 vector AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H indicates local attack, low privileges required, no user interaction, with availability impact only. Siemens remediation guidance specifies firmware update to V2.4.8 or later.
Official resources
- CVE-2021-47178 CVE record (CVE.org)
- CVE-2021-47178 NVD detail (NVD)
- Source item URL (cisa_csaf)
- Source reference (Reference)
2024-06-11