PatchSiren cyber security CVE debrief
CVE-2023-52615 Siemens CVE debrief
A vulnerability in the Linux kernel's hardware random number generator (hwrng) core subsystem could allow a page fault deadlock condition when the hwrng device is memory-mapped (mmap-ed). The issue was resolved in the Linux kernel. Siemens has identified this vulnerability as affecting certain industrial networking products including the RUGGEDCOM RST2428P and SCALANCE X family switches running SINEC OS. CISA published advisory ICSA-25-226-15 on August 12, 2025, with subsequent updates through February 25, 2026, to refine affected product listings and remove rejected CVEs. The vulnerability is not listed in CISA's Known Exploited Vulnerabilities (KEV) catalog.
- Vendor: Siemens
- Product: RUGGEDCOM RST2428P (6GK6242-6PA00)
- CVSS: Unknown
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2025-08-12
- Original CVE updated: 2026-02-25
- Advisory published: 2025-08-12
- Advisory updated: 2026-02-25
Who should care
Organizations operating Siemens industrial networking infrastructure, particularly those using RUGGEDCOM RST2428P, SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family, or SCALANCE XCM-/XRM-/XCH-/XRH-300 family devices with SINEC OS. Security teams responsible for industrial control system (ICS) infrastructure should prioritize firmware updates and network segmentation controls.
Technical summary
CVE-2023-52615 is a page fault deadlock in the Linux kernel's hardware random number generator (hwrng) core subsystem that occurs when the hwrng device is memory-mapped via mmap(). The vulnerability could cause system instability or denial of service conditions. The fix was committed to the Linux kernel hwrng core. Siemens industrial networking products running SINEC OS, including the RUGGEDCOM RST2428P and SCALANCE X family switches, incorporate the affected Linux kernel code and are identified as impacted. The vulnerability is classified as CWE-833 (Deadlock). No CVSS score is currently assigned in the available sources.
Defensive priority
medium
Recommended defensive actions
- Review Siemens ProductCERT SSA-613116 for detailed affected product versions and patch availability
- Apply vendor-provided firmware updates for SINEC OS on affected SCALANCE and RUGGEDCOM devices
- Implement network segmentation for industrial control systems per CISA ICS recommended practices
- Monitor for anomalous behavior in hardware random number generator access patterns
- Verify hwrng subsystem configurations on Linux-based industrial devices
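For the first action above, the affected products and remediations for this CVE can be pulled out of a CSAF advisory file programmatically. The following is an added example, not code from Siemens, CISA or this page; it assumes the standard CSAF 2.0 field names (product_tree, branches, vulnerabilities, product_status, remediations), and the sample document is constructed, with placeholder product IDs and remediation text.

```python
import json

# Constructed CSAF 2.0 fragment, NOT the real SSA-613116 content: product IDs,
# the second device, CVE-0000-00000 and the remediation text are placeholders.
SAMPLE_CSAF = json.loads("""
{
  "product_tree": {"branches": [{
    "category": "vendor", "name": "Siemens",
    "branches": [
      {"category": "product_name", "name": "RUGGEDCOM RST2428P (6GK6242-6PA00)",
       "product": {"product_id": "CSAFPID-0001",
                   "name": "RUGGEDCOM RST2428P (6GK6242-6PA00)"}},
      {"category": "product_name", "name": "EXAMPLE-DEVICE",
       "product": {"product_id": "CSAFPID-0002", "name": "EXAMPLE-DEVICE"}}
    ]}]},
  "vulnerabilities": [
    {"cve": "CVE-2023-52615",
     "product_status": {"known_affected": ["CSAFPID-0001"]},
     "remediations": [{"category": "vendor_fix", "details": "PLACEHOLDER",
                       "product_ids": ["CSAFPID-0001"]}]},
    {"cve": "CVE-0000-00000", "product_status": {"known_affected": ["CSAFPID-0002"]}}
  ]
}
""")

def product_names(tree):
    """Map product_id -> name from full_product_names and nested branches."""
    names = {p["product_id"]: p["name"] for p in tree.get("full_product_names", [])}
    stack = list(tree.get("branches", []))
    while stack:
        node = stack.pop()
        if "product" in node:
            names[node["product"]["product_id"]] = node["product"]["name"]
        stack.extend(node.get("branches", []))
    return names

def affected_by(csaf, cve):
    """Return {product name: [(remediation category, details), ...]} for one CVE."""
    names = product_names(csaf.get("product_tree", {}))
    result = {}
    for vuln in csaf.get("vulnerabilities", []):
        # Entries for other CVEs contribute an empty status and are skipped.
        status = vuln.get("product_status", {}) if vuln.get("cve") == cve else {}
        for pid in status.get("known_affected", []):
            result[names.get(pid, pid)] = [
                (r["category"], r.get("details", ""))
                for r in vuln.get("remediations", []) if pid in r.get("product_ids", [])]
    return result

if __name__ == "__main__":
    print(affected_by(SAMPLE_CSAF, "CVE-2023-52615"))
```

To use it on the real advisory, load the downloaded CSAF JSON with json.load() and pass it in place of SAMPLE_CSAF, then compare the returned product names against the asset inventory.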
Evidence notes
The vulnerability description is sourced from the Linux kernel commit message resolving the hwrng core page fault deadlock. Siemens ProductCERT identified affected products through their CSAF advisory SSA-613116. CISA's ICSA-25-226-15 advisory republishes this information with additional ICS-specific context. The threat assessment in the source material categorizes impact as 'Misinformed' for affected product IDs.
Official resources
- CVE-2023-52615 CVE record (CVE.org)
- CVE-2023-52615 NVD detail (NVD)
- Source item URL (cisa_csaf)
The vulnerability was disclosed via Linux kernel commit and subsequently incorporated into Siemens ProductCERT advisory SSA-613116, which CISA republished as ICSA-25-226-15. The advisory was initially published on August 12, 2025, with the