PatchSiren cyber security CVE debrief
CVE-2023-52507 Siemens CVE debrief
A vulnerability in the Linux kernel's NFC (Near Field Communication) subsystem, specifically in the NCI (NFC Controller Interface) protocol handling, has been identified and resolved. The issue involved insufficient validation of requested protocols, which could lead to out-of-bounds access. Siemens has assessed this vulnerability as having no security impact on its affected industrial networking products, including the RUGGEDCOM RST2428P and SCALANCE X family switches running SINEC OS. The vulnerability was originally published on August 12, 2025, with the advisory last modified on February 25, 2026.
- Vendor: Siemens
- Product: RUGGEDCOM RST2428P (6GK6242-6PA00)
- CVSS: Unknown
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2025-08-12
- Original CVE updated: 2026-02-25
- Advisory published: 2025-08-12
- Advisory updated: 2026-02-25
Who should care
Organizations operating Siemens industrial networking equipment, particularly RUGGEDCOM RST2428P and SCALANCE X family switches, should be aware of this advisory for inventory and compliance purposes. Security teams in operational technology (OT) environments should note the vendor's no-impact assessment while maintaining standard defensive postures. Linux kernel maintainers and developers working with NFC/NCI subsystems should ensure protocol validation assertions are properly implemented in their codebases.
Technical summary
CVE-2023-52507 addresses a vulnerability in the Linux kernel's NFC (Near Field Communication) subsystem, specifically within the NCI (NFC Controller Interface) implementation. The vulnerability stemmed from insufficient validation of requested protocols, which could potentially lead to out-of-bounds access conditions. The fix implements proper assertion checks to validate that requested protocols are within acceptable bounds before processing. Siemens has evaluated this vulnerability against their affected products—RUGGEDCOM RST2428P switches and SCALANCE X family industrial Ethernet switches running SINEC OS—and determined that it presents no security impact. This assessment is based on product architecture and deployment contexts where NFC functionality is not exposed in a manner that would allow exploitation. The advisory history shows iterative refinement of affected product lists, with corrections made in February 2026 to accurately reflect product security status.
Defensive priority
low
Recommended defensive actions
- Verify that affected Siemens industrial networking devices are running supported SINEC OS versions (3.1 or higher for SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family)
- Monitor Siemens ProductCERT advisories for any future reassessment of this vulnerability's impact
- Apply standard defense-in-depth practices for industrial control systems as recommended by CISA
- Review network segmentation to ensure NFC-related attack vectors are not exposed in operational technology environments
Evidence notes
The vulnerability description indicates a resolution in the Linux kernel's NFC NCI subsystem to assert that requested protocols are valid. The source advisory (ICSA-25-226-15) explicitly marks the impact as 'Misinformed' for all affected product IDs, indicating Siemens' assessment that this vulnerability does not pose a security risk to their products. The advisory underwent multiple revisions, with the most recent update on February 25, 2026, a republication based on Siemens ProductCERT SSA-613116.
Official resources
- CVE-2023-52507 CVE record (CVE.org)
- CVE-2023-52507 NVD detail (NVD)
- Source item URL (cisa_csaf)
- Source reference (Reference)