PatchSiren cyber security CVE debrief
CVE-2023-52583 Siemens CVE debrief
CVE-2023-52583 is a vulnerability in the Linux kernel's Ceph filesystem driver related to improper use of the dget() function, which can lead to deadlock or dead code conditions. The vulnerability was resolved in the upstream Linux kernel. Siemens has identified this CVE as affecting certain industrial networking products including the RUGGEDCOM RST2428P and SCALANCE X-family switches that incorporate the vulnerable kernel code. The CISA ICS advisory ICSA-25-226-15, published August 12, 2025 and most recently updated February 25, 2026, tracks this vulnerability as part of Siemens' broader security advisory SSA-613116. Notably, the source material marks the impact assessment for affected products as 'Misinformed,' suggesting potential clarification or correction in the advisory's threat categorization. No CVSS score is currently assigned in the available sources. Organizations operating affected Siemens industrial networking equipment should consult the vendor's security advisory for specific patch availability and version guidance.
- Vendor: Siemens
- Product: RUGGEDCOM RST2428P (6GK6242-6PA00)
- CVSS: Unknown
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2025-08-12
- Original CVE updated: 2026-02-25
- Advisory published: 2025-08-12
- Advisory updated: 2026-02-25
Who should care
Organizations operating Siemens industrial networking infrastructure, particularly in critical infrastructure and OT environments using RUGGEDCOM or SCALANCE X-family switches. Security teams responsible for Linux kernel security in embedded industrial systems. CISOs and OT security practitioners tracking CISA ICS advisories for industrial control system vulnerabilities.
Technical summary
The vulnerability exists in the Linux kernel's Ceph distributed filesystem client driver, specifically in improper usage of the dget() function for dentry reference counting. Incorrect dget() usage can result in reference count imbalances leading to deadlock conditions (where processes wait indefinitely for resources) or dead code (unreachable execution paths). The upstream Linux kernel has resolved this issue. Siemens industrial networking products incorporating affected kernel versions are impacted, including RUGGEDCOM RST2428P and SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family devices. The CISA advisory marks impact as 'Misinformed,' indicating the threat categorization may require further clarification.
Defensive priority
medium
Recommended defensive actions
- Review Siemens ProductCERT advisory SSA-613116 for affected product versions and patch availability
- Verify kernel version on affected Siemens RUGGEDCOM and SCALANCE devices
- Apply vendor-provided firmware updates when available
- Monitor CISA ICS advisories for updates to impact assessment
- Implement network segmentation for industrial control systems per CISA recommended practices
Evidence notes
CVE description indicates upstream Linux kernel resolution for ceph driver dget() misuse. CISA CSAF source ICSA-25-226-15 (rev 4, 2026-02-25) lists affected Siemens products with 'Misinformed' impact categorization. No CVSS vector or score present in source. KEV status: false.
Official resources
- CVE-2023-52583 CVE record (CVE.org)
- CVE-2023-52583 NVD detail (NVD)
- Source item URL (cisa_csaf)
- Source reference (Reference)
2025-08-12