PatchSiren cyber security CVE debrief
CVE-2023-52594 Siemens CVE debrief
CVE-2023-52594 is an array-index-out-of-bounds read vulnerability in the Linux kernel's ath9k wireless driver, specifically within the ath9k_htc_txstatus() function. The vulnerability was resolved in the Linux kernel with a fix for the potential out-of-bounds read condition. Siemens has assessed this CVE as affecting multiple industrial networking product families including RUGGEDCOM RST2428P and SCALANCE X-series switches running SINEC OS. CISA published advisory ICSA-25-226-15 on August 12, 2025, with subsequent updates through February 25, 2026, to refine affected product listings and incorporate Siemens ProductCERT guidance. The vulnerability is classified with an impact of 'Misinformed' in the CSAF data, indicating potential for information disclosure or system instability through the out-of-bounds memory access. Organizations should consult vendor security advisories for patch availability and apply kernel updates where applicable.
- Vendor
- Siemens
- Product
- RUGGEDCOM RST2428P (6GK6242-6PA00)
- CVSS
- Unknown
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2025-08-12
- Original CVE updated
- 2026-02-25
- Advisory published
- 2025-08-12
- Advisory updated
- 2026-02-25
Who should care
Organizations operating Siemens industrial networking equipment with wireless capabilities, particularly SCALANCE X-series switches and RUGGEDCOM devices running SINEC OS. System administrators maintaining Linux-based industrial systems with ath9k-compatible USB wireless adapters. OT security teams responsible for patch management in industrial control environments.
Technical summary
The vulnerability exists in the ath9k_htc_txstatus() function of the Linux kernel's Atheros ath9k HTC (Host Target Communication) wireless driver. An array-index-out-of-bounds read condition can occur, potentially leading to information disclosure or kernel instability. The ath9k driver supports Atheros AR9271 and AR7010 USB 802.11n wireless chipsets commonly used in embedded and industrial applications. The fix involves proper bounds checking on array indexing operations within the TX status processing path.
Defensive priority
medium
Recommended defensive actions
- Review Siemens ProductCERT advisory SSA-613116 for affected product versions and patch availability
- Apply vendor-provided firmware updates for SINEC OS on affected SCALANCE and RUGGEDCOM devices
- Monitor Linux kernel security updates for ath9k driver fixes on systems using Atheros AR9271/AR7010 USB wireless devices
- Implement network segmentation to limit exposure of industrial wireless infrastructure
- Follow CISA ICS recommended practices for defense-in-depth strategies
Evidence notes
CVE published 2025-08-12 per CISA CSAF advisory ICSA-25-226-15. Modified 2026-02-25 with CISA republication based on Siemens ProductCERT SSA-613116. Linux kernel fix description indicates array-index-out-of-bounds read in ath9k_htc_txstatus(). Siemens products affected: RUGGEDCOM RST2428P, SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family, SCALANCE XCM-/XRM-/XCH-/XRH-300 family.
Official resources
-
CVE-2023-52594 CVE record
CVE.org
-
CVE-2023-52594 NVD detail
NVD
-
Source item URL
cisa_csaf
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
2025-08-12