PatchSiren

PatchSiren cyber security CVE debrief

CVE-2023-52599 Siemens CVE debrief

CVE-2023-52599 is a vulnerability in the Linux kernel's JFS (Journaled File System) that was resolved with a fix for an array-index-out-of-bounds condition in the diNewExt function. The vulnerability was published on 2025-08-12 and last modified on 2026-02-25. Siemens has identified this CVE as affecting its RUGGEDCOM RST2428P (6GK6242-6PA00) product, along with SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family and SCALANCE XCM-/XRM-/XCH-/XRH-300 family devices, through its SINEC OS advisory SSA-613116. The CISA advisory ICSA-25-226-15, which republished Siemens' guidance, underwent multiple revisions in February 2026 to correct affected product listings and remove rejected CVEs. No CVSS score or severity rating is available in the provided source material, and this vulnerability is not listed in CISA's Known Exploited Vulnerabilities catalog.

Vendor: Siemens
Product: RUGGEDCOM RST2428P (6GK6242-6PA00)
CVSS: Unknown
CISA KEV: Not listed in stored evidence
Original CVE published: 2025-08-12
Original CVE updated: 2026-02-25
Advisory published: 2025-08-12
Advisory updated: 2026-02-25

Who should care

Organizations operating Siemens RUGGEDCOM RST2428P switches or SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 and XCM-/XRM-/XCH-/XRH-300 family devices in industrial control environments. Security teams responsible for OT/ICS infrastructure using SINEC OS should prioritize reviewing patch availability from Siemens.

Technical summary

CVE-2023-52599 is an array-index-out-of-bounds vulnerability in the diNewExt function of the Linux kernel's JFS (Journaled File System) implementation. It has been resolved in the upstream Linux kernel. Siemens has identified affected products running SINEC OS, including RUGGEDCOM RST2428P (6GK6242-6PA00) and multiple SCALANCE device families. The CISA advisory ICSA-25-226-15, which republishes Siemens' ProductCERT guidance, underwent significant revision in February 2026 to correct product impact assessments. No CVSS scoring information is available in the provided sources.

Defensive priority

medium

Recommended defensive actions

  • Review Siemens ProductCERT advisory SSA-613116 for detailed affected product versions and patch availability
  • Apply security updates for SINEC OS as provided by Siemens for affected RUGGEDCOM RST2428P and SCALANCE device families
  • Monitor CISA ICS advisories for additional guidance on industrial control system protections
  • Implement network segmentation for affected industrial control devices per CISA recommended practices
  • Verify JFS filesystem usage on affected systems and assess exposure to local attack vectors

Evidence notes

The vulnerability description indicates a resolved array-index-out-of-bounds issue in the Linux kernel JFS filesystem's diNewExt function. Siemens ProductCERT advisory SSA-613116 is the canonical source for affected product information, with CISA's ICSA-25-226-15 serving as a republication. The advisory revision history shows corrections to affected product listings in February 2026, with the final republication on 2026-02-25 based on the Siemens advisory.
