PatchSiren

PatchSiren cyber security CVE debrief

CVE-2023-52604 Siemens CVE debrief

CVE-2023-52604 is a Linux kernel vulnerability in the JFS (Journaled File System) implementation, specifically an array-index-out-of-bounds issue in the dbAdjTree function detected by UBSAN (Undefined Behavior Sanitizer). The vulnerability has been resolved in the Linux kernel. Siemens has identified this CVE as affecting certain industrial networking products running SINEC OS, including the RUGGEDCOM RST2428P and SCALANCE X-family switches. The CISA advisory ICSA-25-226-15, published on 2025-08-12 and most recently updated on 2026-02-25, tracks this vulnerability. The advisory underwent multiple revisions, including corrections to affected product lists and removal of rejected CVEs. Siemens has rated the impact as 'Misinformed' for the affected products. Organizations should consult Siemens ProductCERT advisory SSA-613116 for specific patch and mitigation guidance.

Vendor: Siemens
Product: RUGGEDCOM RST2428P (6GK6242-6PA00)
CVSS: Unknown
CISA KEV: Not listed in stored evidence
Original CVE published: 2025-08-12
Original CVE updated: 2026-02-25
Advisory published: 2025-08-12
Advisory updated: 2026-02-25

Who should care

Organizations operating Siemens RUGGEDCOM RST2428P, SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family, or SCALANCE XCM-/XRM-/XCH-/XRH-300 family switches running SINEC OS. Industrial control system operators using JFS filesystems on Linux-based embedded systems. Critical infrastructure entities that follow CISA ICS advisory guidance.

Technical summary

The vulnerability exists in the JFS (Journaled File System) implementation within the Linux kernel, specifically in the dbAdjTree function. UBSAN (Undefined Behavior Sanitizer) detected an array-index-out-of-bounds condition there, which indicates a potential memory safety issue when the kernel handles JFS filesystem structures. The vulnerability has been resolved in the Linux kernel. Siemens industrial networking products running SINEC OS incorporate the affected kernel component, so these devices are exposed to the underlying issue. The CISA advisory classifies the impact as 'Misinformed' for the affected Siemens products.

Defensive priority

Medium

Recommended defensive actions

  • Review Siemens ProductCERT advisory SSA-613116 for affected product versions and patch availability
  • Apply vendor-provided firmware updates for SINEC OS-based devices when available
  • Verify JFS filesystem usage on affected industrial control systems and assess exposure
  • Follow CISA ICS recommended practices for defense-in-depth strategies
  • Monitor CISA ICSA-25-226-15 for advisory updates
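The third action above, verifying whether JFS is actually in use, is the one a defender can check directly on a Linux host. The POSIX shell script below is an added example written for this debrief; it is not code from PatchSiren, Siemens or CISA. It assumes a Linux host that exposes /proc/mounts and /proc/filesystems (embedded SINEC OS devices may not offer shell access, in which case the vendor advisory remains the only source). Each function accepts an optional file path so the logic can be exercised on constructed input, and the exposure level is returned as an exit code rather than only printed.

```shell
#!/bin/sh
# Added example (not from the advisory): check whether a Linux host uses or
# can mount JFS, as a first step in assessing exposure to the dbAdjTree bug.
# Each function takes an optional file path so constructed input can replace
# the real /proc files.

# Print mount points whose filesystem type is jfs.
jfs_mounts() {
    awk '$3 == "jfs" { print $2 }' "${1:-/proc/mounts}"
}

# Succeed (exit 0) if the running kernel lists jfs as a supported filesystem
# (built in or loaded as a module); fail otherwise.
jfs_supported() {
    awk '$NF == "jfs" { found = 1 } END { exit !found }' "${1:-/proc/filesystems}"
}

# Report an exposure level as the return code:
#   2 = a JFS filesystem is currently mounted (highest exposure)
#   1 = JFS support is present but nothing is mounted
#   0 = no JFS support visible on this host
assess_jfs_exposure() {
    mounts=$(jfs_mounts "$1")
    if [ -n "$mounts" ]; then
        printf 'JFS mounted at: %s\n' "$mounts"
        return 2
    fi
    if jfs_supported "$2"; then
        echo "JFS support present but no JFS filesystem mounted"
        return 1
    fi
    echo "No JFS support detected"
    return 0
}

# Demonstration on constructed /proc-style input (sample data, not from a
# real device); returns the exposure level computed for that sample.
demo_constructed() {
    tmpdir=$(mktemp -d)
    printf '/dev/sda1 / ext4 rw,relatime 0 0\n/dev/sdb1 /data jfs rw 0 0\n' \
        > "$tmpdir/mounts"
    printf 'nodev\tproc\n\text4\n\tjfs\n' > "$tmpdir/filesystems"
    rc=0
    assess_jfs_exposure "$tmpdir/mounts" "$tmpdir/filesystems" || rc=$?
    rm -rf "$tmpdir"
    return "$rc"
}
```

Run `assess_jfs_exposure` with no arguments on the live host and branch on its exit status (2, 1 or 0) in an inventory script; `demo_constructed` shows the expected result (2) for the embedded sample, where /data is mounted as JFS.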

Evidence notes

CVE published 2025-08-12 per the CISA CSAF source; modified 2026-02-25. The source indicates the vulnerability is resolved in the Linux kernel. Siemens ProductCERT SSA-613116 is the canonical vendor advisory. Impact is rated 'Misinformed' in the CISA CSAF threats section. Not listed in the CISA KEV catalog.

Official resources
