PatchSiren cyber security CVE debrief

CVE-2022-34835 Siemens CVE debrief

CVE-2022-34835 is a critical memory-corruption issue in Das U-Boot’s "i2c md" command. An integer signedness error can trigger a stack-based buffer overflow and corrupt the return address pointer in do_i2c_md, making affected firmware builds high risk wherever the command path is reachable.

Vendor: Siemens
Product: RUGGEDCOM ROX MX5000
CVSS: CRITICAL 9.8
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-05-12
Original CVE updated: 2026-05-14
Advisory published: 2026-05-12
Advisory updated: 2026-05-14

Who should care

Embedded device vendors, board integrators, firmware maintainers, and operators of products that ship U-Boot or expose U-Boot console/management access should prioritize this CVE.

Technical summary

NVD classifies the flaw as CWE-787 (out-of-bounds write) and gives it CVSS 3.1 vector AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H. The vulnerable scope in the record covers U-Boot builds before 2022.07 and release candidates 2022.07-rc1 through 2022.07-rc5. The publicly referenced remediation is upstream commit 8f8c04bf1ebbd2f72f1643e7ad9617dafa6e5409 in the U-Boot project, which is also cited in the Denx mailing list advisory.
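The signedness pattern the NVD description points at, modelled as a small C example added for this debrief (this is not U-Boot's code; the function names, the DISP_LINE_LEN constant and the 16-byte line buffer are assumptions): a length parsed as unsigned is copied into a signed counter, so a value with the top bit set defeats the clamp and reaches the read routine as a huge size, while keeping the counter unsigned bounds it by the buffer.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Constructed model of a dump loop's per-line sizing; the 16-byte line
 * buffer and all names here are assumptions for this example. */
#define DISP_LINE_LEN 16

/* Vulnerable pattern: the user-supplied length is parsed as unsigned but
 * copied into a signed counter before the clamp. Returns the byte count
 * that would be handed to the read routine for the first dump line. */
static size_t line_bytes_signed(unsigned int length)
{
    int nbytes = (int)length;   /* 0x80000000 becomes negative on two's-complement targets */
    int linebytes = (nbytes > DISP_LINE_LEN) ? DISP_LINE_LEN : nbytes; /* clamp fails for negatives */
    return (size_t)linebytes;   /* a negative count converts to a huge size_t */
}

/* Hardened pattern: keep the counter unsigned so the clamp always bounds
 * the read by the line buffer size. */
static size_t line_bytes_unsigned(unsigned int length)
{
    unsigned int nbytes = length;
    unsigned int linebytes = (nbytes > DISP_LINE_LEN) ? DISP_LINE_LEN : nbytes;
    return (size_t)linebytes;
}

/* Check a reviewer or fuzz harness can apply before any read into a
 * fixed-size stack buffer. */
static bool fits_line_buffer(size_t count)
{
    return count <= DISP_LINE_LEN;
}

int main(void)
{
    /* Constructed sample lengths, including two with the top bit set. */
    const unsigned int inputs[] = { 0x10u, 0x20u, 0x80000000u, 0xffffffffu };
    for (size_t i = 0; i < sizeof inputs / sizeof inputs[0]; i++) {
        size_t bad = line_bytes_signed(inputs[i]);
        size_t good = line_bytes_unsigned(inputs[i]);
        printf("length=0x%08x signed->%zu (%s) unsigned->%zu (%s)\n",
               inputs[i], bad, fits_line_buffer(bad) ? "ok" : "OVERFLOW",
               good, fits_line_buffer(good) ? "ok" : "OVERFLOW");
    }
    return 0;
}
```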

Defensive priority

Immediate. Treat this as a critical bootloader memory-corruption issue and move affected U-Boot deployments to a build that includes the upstream fix as soon as practical.

Recommended defensive actions

  • Inventory all products and firmware images that include U-Boot, especially builds at or before 2022.07-rc5.
  • Confirm whether the affected "i2c md" command path is exposed in your deployment or can be reached through maintenance, factory, or recovery interfaces.
  • Apply the upstream U-Boot fix referenced by commit 8f8c04bf1ebbd2f72f1643e7ad9617dafa6e5409 and rebuild affected firmware.
  • Update downstream vendor packages and images that track U-Boot so they incorporate the patched source tree.
  • If immediate patching is not possible, restrict access to bootloader consoles and management interfaces until the fixed build is deployed.
  • Track downstream advisories and packaging notices, such as the Debian LTS and Siemens references in the record, for distribution-specific guidance.

Evidence notes

This debrief is based on the supplied NVD record and its linked references. The NVD description states that an integer signedness error in U-Boot’s "i2c md" command can cause a stack-based buffer overflow and corrupt the return address pointer of do_i2c_md. The NVD metadata also provides the CWE-787 classification, the CVSS 3.1 vector AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H, and the affected CPE scope covering pre-2022.07 releases and 2022.07-rc1 through rc5. Remediation references in the corpus point to upstream U-Boot commit 8f8c04bf1ebbd2f72f1643e7ad9617dafa6e5409 and the Denx mailing-list advisory.

Official resources

CVE published 2022-06-30T00:15:08.023Z; the supplied NVD record was modified on 2026-05-12T10:16:38.073Z.