PatchSiren cyber security CVE debrief
CVE-2023-52607 Siemens CVE debrief
A null-pointer dereference vulnerability in the Linux kernel's PowerPC memory management subsystem, specifically within the `pgtable_cache_add` function, has been identified and resolved. This flaw could potentially lead to system instability or denial of service conditions on affected PowerPC-based systems. The vulnerability was addressed through a kernel patch that corrects the null-pointer dereference issue. Siemens has assessed this vulnerability as affecting certain industrial networking products running SINEC OS, including the RUGGEDCOM RST2428P and SCALANCE X-family switches. The CISA advisory ICSA-25-226-15, published August 12, 2025, and subsequently updated through February 25, 2026, provides coordinated disclosure for affected Siemens industrial control systems. Organizations operating the identified Siemens products should consult the vendor's security advisory for specific patch availability and deployment guidance.
- Vendor: Siemens
- Product: RUGGEDCOM RST2428P (6GK6242-6PA00)
- CVSS: Unknown
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2025-08-12
- Original CVE updated: 2026-02-25
- Advisory published: 2025-08-12
- Advisory updated: 2026-02-25
Who should care
Organizations operating Siemens industrial networking infrastructure, particularly those deploying RUGGEDCOM RST2428P devices or SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 and XCM-/XRM-/XCH-/XRH-300 family switches in operational technology environments. Security teams responsible for patch management in industrial control systems and Linux kernel maintainers for PowerPC-based embedded systems.
Technical summary
CVE-2023-52607 is a null-pointer dereference vulnerability in the Linux kernel's PowerPC architecture memory management code, specifically in the `pgtable_cache_add` function. The vulnerability has been resolved in the upstream kernel. Siemens has identified this issue as affecting certain industrial networking products running SINEC OS, including the RUGGEDCOM RST2428P and multiple SCALANCE X-family switch product lines. The CISA advisory ICSA-25-226-15, with final update dated February 25, 2026, coordinates disclosure for affected industrial control systems. No CVSS score is available in the disclosed information.
Defensive priority
medium
Recommended defensive actions
- Review Siemens ProductCERT advisory SSA-613116 for detailed product-specific patch information and affected version matrices
- Verify SINEC OS version on deployed RUGGEDCOM RST2428P and SCALANCE X-family devices against vendor guidance
- Apply vendor-provided kernel updates or firmware patches addressing CVE-2023-52607 when available
- Monitor CISA ICS advisories for additional guidance on industrial control system security practices
- Implement network segmentation for industrial control systems per CISA recommended practices to limit exposure
Evidence notes
The vulnerability description indicates a resolved null-pointer dereference in powerpc/mm pgtable_cache_add. The source advisory ICSA-25-226-15 was initially published 2025-08-12 and underwent three subsequent revisions through 2026-02-25, with the final update reflecting republication based on Siemens SSA-613116. The threat assessment in the source material categorizes impact as 'Misinformed' for affected product IDs. No CVSS score or severity rating is present in the supplied corpus.
Official resources
- CVE-2023-52607 CVE record (CVE.org)
- CVE-2023-52607 NVD detail (NVD)
- Source item URL (cisa_csaf)
Coordinated disclosure via CISA and Siemens ProductCERT