PatchSiren cyber security CVE debrief
CVE-2023-51782 Siemens CVE debrief
CVE-2023-51782 is a use-after-free vulnerability in the Linux kernel's ROSE (Radio Amateur Packet X.25 PLP) protocol implementation, specifically in the `rose_ioctl` function in `net/rose/af_rose.c`. The vulnerability stems from a race condition involving `rose_accept` and affects Linux kernel versions before 6.6.8. Siemens has identified this CVE as applicable to certain industrial networking products running SINEC OS, including the RUGGEDCOM RST2428P and SCALANCE X-family switches. The vulnerability was initially published in CISA advisory ICSA-25-226-15 on August 12, 2025, with subsequent revisions through February 25, 2026, including corrections to affected product listings and removal of rejected CVEs. Notably, the source advisory marks the impact assessment as 'Misinformed' for the listed product IDs, suggesting potential discrepancies in initial severity characterization. Organizations should consult the Siemens ProductCERT advisory SSA-613116 for definitive patch guidance and affected version details.
- Vendor
- Siemens
- Product
- RUGGEDCOM RST2428P (6GK6242-6PA00)
- CVSS
- Unknown
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2025-08-12
- Original CVE updated
- 2026-02-25
- Advisory published
- 2025-08-12
- Advisory updated
- 2026-02-25
Who should care
Organizations operating Siemens RUGGEDCOM RST2428P switches, SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family devices, or SCALANCE XCM-/XRM-/XCH-/XRH-300 family devices should prioritize assessment. Network administrators managing industrial control systems with amateur radio packet networking capabilities or ROSE protocol exposure should evaluate exposure. Security teams responsible for OT/ICS environments using Siemens networking infrastructure should monitor Siemens ProductCERT advisories for patch availability.
Technical summary
The vulnerability exists in the `rose_ioctl` function within the Linux kernel's ROSE (Radio Amateur Packet X.25 PLP) protocol implementation at `net/rose/af_rose.c`. A race condition in `rose_accept` can lead to a use-after-free condition, potentially allowing memory corruption. The ROSE protocol is used for amateur radio packet networking. While primarily a kernel-level issue, Siemens has identified affected industrial networking products that utilize the vulnerable kernel code through their SINEC OS operating system.
Defensive priority
medium
Recommended defensive actions
- Review Siemens ProductCERT advisory SSA-613116 for definitive affected product versions and patch availability
- Verify kernel version on SINEC OS-based devices; upgrade to Linux kernel 6.6.8 or later where supported
- Apply Siemens-provided firmware updates for RUGGEDCOM RST2428P and SCALANCE X-family devices when available
- Implement network segmentation to limit exposure of ROSE protocol interfaces
- Monitor CISA ICS advisories for additional guidance on industrial control system protections
Evidence notes
The vulnerability description is sourced from the official CVE record and CISA CSAF advisory ICSA-25-226-15. Siemens' ProductCERT advisory SSA-613116 provides the authoritative product impact assessment. The 'Misinformed' threat categorization in the source CSAF data indicates the initial impact assessment may have been incorrect.
Official resources
-
CVE-2023-51782 CVE record
CVE.org
-
CVE-2023-51782 NVD detail
NVD
-
Source item URL
cisa_csaf
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
The vulnerability was disclosed through coordinated vulnerability disclosure channels, with CISA publishing advisory ICSA-25-226-15 on August 12, 2025, and Siemens providing product-specific guidance through ProductCERT advisory SSA-613116.