PatchSiren

PatchSiren cyber security CVE debrief

CVE-2023-52600 Siemens CVE debrief

A use-after-free (UAF) vulnerability in the Journaled File System (jfs) component of the Linux kernel was resolved via a fix in jfs_evict_inode. The vulnerability affects Siemens industrial networking products that incorporate the vulnerable Linux kernel code. CISA published this advisory on August 12, 2025, with subsequent updates through February 25, 2026, including corrections to affected product listings and removal of rejected CVEs. Siemens ProductCERT issued advisory SSA-613116 addressing this issue. The source advisory categorizes the impact as 'Misinformed' for affected product IDs. No CVSS score or severity rating is available in the source corpus. This vulnerability is not listed in CISA's Known Exploited Vulnerabilities (KEV) catalog.

Vendor: Siemens
Product: RUGGEDCOM RST2428P (6GK6242-6PA00)
CVSS: Unknown
CISA KEV: Not listed in stored evidence
Original CVE published: 2025-08-12
Original CVE updated: 2026-02-25
Advisory published: 2025-08-12
Advisory updated: 2026-02-25

Who should care

Organizations operating Siemens industrial networking infrastructure, particularly SCALANCE and RUGGEDCOM product lines, should assess exposure. OT security teams and asset owners in critical infrastructure sectors using affected devices should prioritize vendor patch review and application.

Technical summary

The vulnerability exists in the jfs_evict_inode function within the Linux kernel's Journaled File System (jfs) implementation. A use-after-free condition can occur during inode eviction operations, potentially leading to memory corruption or system instability. The fix resolves the UAF condition in jfs_evict_inode. This affects Siemens industrial networking products including RUGGEDCOM RST2428P and SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family devices that incorporate the vulnerable kernel code.

Defensive priority

medium

Recommended defensive actions

  • Review Siemens ProductCERT advisory SSA-613116 for detailed product impact and patch information
  • Verify if deployed Siemens SCALANCE or RUGGEDCOM devices run affected firmware versions
  • Apply vendor-provided security updates when available
  • Follow CISA ICS recommended practices for defense-in-depth strategies
  • Monitor CISA ICS advisories for additional updates to ICSA-25-226-15

Evidence notes

Source advisory ICSA-25-226-15 published by CISA on 2025-08-12, modified 2026-02-25. Siemens ProductCERT SSA-613116 referenced as primary vendor advisory. Impact categorized as 'Misinformed' per source threats data. Not listed in CISA KEV.
