PatchSiren

CVE-2023-35828 Siemens CVE debrief

A use-after-free vulnerability exists in the Linux kernel's Renesas USB3 gadget driver, specifically in the `renesas_usb3_remove` function within `drivers/usb/gadget/udc/renesas_usb3.c`. This flaw affects Linux kernel versions prior to 6.3.2. The vulnerability was published on June 11, 2024, with a subsequent modification on July 9, 2024. Siemens has identified this vulnerability as affecting their TIM 1531 IRC industrial communication modules, including both the standard and SIPLUS variants. The CVSS 3.1 score of 7.0 (HIGH) reflects local attack vector, high attack complexity, low privileges required, and high impacts to confidentiality, integrity, and availability. The vulnerability is not listed in CISA's Known Exploited Vulnerabilities catalog.

Vendor: Siemens
Product: SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0)
CVSS: HIGH 7
CISA KEV: Not listed in stored evidence
Original CVE published: 2024-02-13
Original CVE updated: 2024-02-13
Advisory published: 2024-02-13
Advisory updated: 2024-02-13

Who should care

Organizations operating Siemens TIM 1531 IRC or SIPLUS TIM 1531 IRC industrial communication modules in OT/ICS environments should prioritize patching. System administrators managing Linux-based industrial systems with Renesas USB3 hardware should verify kernel versions. Security teams responsible for industrial control system infrastructure should assess exposure and implement defense-in-depth measures per CISA guidance.

Technical summary

CVE-2023-35828 is a use-after-free vulnerability in the `renesas_usb3_remove` function of the Linux kernel's Renesas USB3 gadget driver, present in kernel versions before 6.3.2. The flaw occurs during driver removal operations and could potentially lead to privilege escalation or system instability. Siemens has confirmed this vulnerability affects their TIM 1531 IRC industrial communication modules, which utilize the affected kernel component. The vulnerability requires local access and high attack complexity to exploit, with successful exploitation potentially resulting in complete compromise of confidentiality, integrity, and availability. Siemens has released firmware version 2.4.8 to address this issue.

Defensive priority

HIGH

Recommended defensive actions

  • Apply vendor-provided firmware update to version 2.4.8 or later for affected Siemens TIM 1531 IRC devices
  • Review and implement CISA ICS recommended practices for defense-in-depth strategies
  • Monitor Siemens ProductCERT portal for additional security advisories related to affected products
  • Assess network segmentation to limit exposure of affected industrial control systems
  • Verify kernel version on any Linux-based systems using Renesas USB3 gadget drivers and update to kernel 6.3.2 or later
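The kernel-version check in the last item can be scripted for general Linux hosts. The following is an added example, not code from Siemens, CISA or the kernel project. The function names and result labels are hypothetical, and it assumes GNU or BusyBox `sort -V` and the standard `/lib/modules/<release>/` layout. Distribution kernels often backport fixes without changing the base version, so a "review" result means "check the vendor changelog", not "confirmed vulnerable".

```shell
#!/bin/sh
# Added example: triage a Linux host for exposure to CVE-2023-35828.
# Labels printed by assess() are constructed for this example.
FIXED="6.3.2"   # first fixed upstream release named in the text above

# Reduce a release string to its numeric base: "5.15.0-91-generic" -> "5.15.0"
base_version() {
    printf '%s\n' "$1" | sed 's/^\([0-9][0-9.]*\).*/\1/; s/\.$//'
}

# Return 0 when release $1 is older than $FIXED, 1 otherwise.
older_than_fixed() {
    v=$(base_version "$1")
    if [ "$v" = "$FIXED" ]; then return 1; fi
    lowest=$(printf '%s\n%s\n' "$v" "$FIXED" | sort -V | head -n 1)
    [ "$lowest" = "$v" ]
}

# Return 0 when the renesas_usb3 driver is visible in sysfs, or is shipped
# as a built-in or loadable module for kernel release $1.
# $2 is an optional filesystem root, used to inspect a mounted image.
driver_present() {
    rel=$1; root=${2:-}
    if [ -d "$root/sys/module/renesas_usb3" ]; then return 0; fi
    grep -qs 'renesas_usb3\.ko' \
        "$root/lib/modules/$rel/modules.builtin" \
        "$root/lib/modules/$rel/modules.dep"
}

# Print one of: not-applicable | review | patched-upstream
assess() {
    rel=$1; root=${2:-}
    if ! driver_present "$rel" "$root"; then
        echo "not-applicable"      # driver not shipped for this kernel
    elif older_than_fixed "$rel"; then
        echo "review"              # pre-6.3.2 base: check for a backport
    else
        echo "patched-upstream"    # base version is 6.3.2 or later
    fi
}

# Stand-alone use: assess the running kernel.
assess "$(uname -r)"
```

For the TIM 1531 IRC modules themselves, the installed firmware version is the value to check, not the output of this script.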

Evidence notes

The vulnerability description is sourced from CISA CSAF advisory ICSA-24-165-06, which references Siemens security advisory SSA-337522. The affected products are Siemens TIM 1531 IRC (6GK7543-1MX00-0XE0) and SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0). The CVSS vector indicates local attack requirements with high complexity, suggesting exploitation would require local access and specific conditions.

Official resources

2024-06-11