PatchSiren cyber security CVE debrief
CVE-2023-52598 Siemens CVE debrief
This CVE addresses a vulnerability in the Linux kernel's s390/ptrace subsystem where the Floating-Point Control (FPC) register was not being handled correctly during ptrace operations. The vulnerability was resolved by implementing proper handling of the FPC register setting. The issue affects Siemens industrial networking products running SINEC OS, specifically the RUGGEDCOM RST2428P and SCALANCE X-family switches. CISA published this advisory on August 12, 2025, with subsequent updates through February 2026 to correct affected product listings and remove rejected CVEs. The vulnerability is classified as 'Misinformed' impact in the source advisory, indicating potential for incorrect information disclosure or system state manipulation through improper FPC register control.
- Vendor
- Siemens
- Product
- RUGGEDCOM RST2428P (6GK6242-6PA00)
- CVSS
- Unknown
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2025-08-12
- Original CVE updated
- 2026-02-25
- Advisory published
- 2025-08-12
- Advisory updated
- 2026-02-25
Who should care
Organizations operating Siemens industrial networking infrastructure, particularly those with RUGGEDCOM RST2428P or SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family devices. Security teams managing OT/ICS environments should prioritize firmware updates. System administrators responsible for Linux on IBM Z (s390) architectures should verify kernel patch status.
Technical summary
CVE-2023-52598 is a vulnerability in the Linux kernel's ptrace subsystem for IBM Z (s390) architecture. The issue involves incorrect handling of the Floating-Point Control (FPC) register when set via ptrace operations. The FPC register manages floating-point exception masks, rounding modes, and status flags. Improper validation or handling of this register during process tracing could lead to information disclosure, denial of service, or potentially affect floating-point computation integrity in traced processes. The vulnerability was resolved in the Linux kernel with corrected FPC register setting logic. Siemens industrial networking products utilizing affected kernel versions in SINEC OS are impacted, including RUGGEDCOM RST2428P and multiple SCALANCE X-family switch models.
Defensive priority
medium
Recommended defensive actions
- Review Siemens ProductCERT advisory SSA-613116 for detailed product-specific patch information
- Verify SINEC OS version on affected SCALANCE and RUGGEDCOM devices
- Apply vendor-provided firmware updates to address the underlying Linux kernel vulnerability
- Monitor CISA ICS advisories for additional guidance on industrial control system protections
- Implement network segmentation for industrial control systems per CISA recommended practices
Evidence notes
The vulnerability description indicates a kernel-level issue in s390 (IBM Z mainframe architecture) ptrace implementation. The FPC register controls floating-point rounding modes, exception masks, and flags. Improper handling could lead to information disclosure or unexpected floating-point behavior in traced processes. Siemens ProductCERT SSA-613116 is the authoritative source, republished by CISA as ICSA-25-226-15. The advisory underwent four revision cycles, with significant corrections in February 2026 regarding affected product scope.
Official resources
-
CVE-2023-52598 CVE record
CVE.org
-
CVE-2023-52598 NVD detail
NVD
-
Source item URL
cisa_csaf
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
2025-08-12