PatchSiren cyber security CVE debrief
CVE-2023-45863 Siemens CVE debrief
CVE-2023-45863 is a Linux kernel flaw in lib/kobject.c that can lead to a fill_kobj_path out-of-bounds write when a local attacker with root access triggers a race condition. Siemens maps this issue to 19 SCALANCE W-series products in ICSA-25-044-09 and recommends updating to V3.0.0 or later.
- Vendor: Siemens
- Product: SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0)
- CVSS: MEDIUM 6.4
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2025-02-11
- Original CVE updated: 2025-05-06
- Advisory published: 2025-02-11
- Advisory updated: 2025-05-06
Who should care
Organizations running the affected Siemens SCALANCE WAB/WAM/WUB/WUM devices, especially OT and industrial network operators that rely on these products for wireless connectivity or network infrastructure. Security teams responsible for Linux-based embedded devices should also review whether any deployed equipment includes the affected Siemens product lines.
Technical summary
The advisory states that CVE-2023-45863 affects Linux kernel versions before 6.2.3, where a race condition in lib/kobject.c can cause an out-of-bounds write in fill_kobj_path. The CVSS vector provided by the source is CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H, indicating the attacker needs local root privileges and the attack complexity is high. Siemens' CSAF advisory lists 19 affected SCALANCE products and directs users to update to V3.0.0 or later.
Defensive priority
Medium. The issue requires local root access and high attack complexity, but successful exploitation could affect confidentiality, integrity, and availability. Prioritize remediation for any deployed affected SCALANCE devices, especially where administrative access is broad or device hardening is weak.
Recommended defensive actions
- Identify whether any of the 19 Siemens SCALANCE WAB/WAM/WUB/WUM product variants listed in the advisory are deployed.
- Upgrade affected products to V3.0.0 or later as directed by Siemens.
- Restrict and monitor privileged access on affected devices, since the issue requires root access.
- Review OT change windows and plan updates carefully to minimize operational disruption.
- Track Siemens advisory SSA-769027 and CISA advisory ICSA-25-044-09 for any follow-on guidance.
Evidence notes
Source advisory ICSA-25-044-09 and Siemens reference SSA-769027 both describe the issue as a Linux kernel bug in lib/kobject.c before 6.2.3 that can trigger a fill_kobj_path out-of-bounds write via a race condition with root access. The advisory enumerates 19 affected Siemens SCALANCE products and recommends updating to V3.0.0 or later. The source also provides CVSS 6.4 (MEDIUM) with vector CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H. The May 6, 2025 source revision is noted as a typo fix only.
Official resources
- CVE-2023-45863 CVE record (CVE.org)
- CVE-2023-45863 NVD detail (NVD)
- Source item URL (cisa_csaf)
CISA's CSAF source lists the advisory publication date as 2025-02-11 and a later revision on 2025-05-06 noted as a typo fix. Use 2025-02-11 as the advisory publication date and do not treat the revision date as the issue date.