PatchSiren cyber security CVE debrief
CVE-2023-52622 Siemens CVE debrief
A vulnerability in the Linux kernel's ext4 filesystem could cause online resizing failures when flexible block groups (flex bg) are oversized. The issue has been resolved in the kernel. Siemens has identified this CVE as applicable to certain industrial networking products running SINEC OS, which incorporates the affected Linux kernel component. CISA published this advisory on August 12, 2025, with subsequent updates through February 25, 2026, including corrections to affected product listings and removal of rejected CVEs. The vulnerability is classified with impact 'Misinformed' per the source advisory. No CVSS score is available in the provided source data.
- Vendor: Siemens
- Product: RUGGEDCOM RST2428P (6GK6242-6PA00)
- CVSS: Unknown
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2025-08-12
- Original CVE updated: 2026-02-25
- Advisory published: 2025-08-12
- Advisory updated: 2026-02-25
Who should care
Organizations operating Siemens industrial networking equipment with SINEC OS, particularly those managing ext4 filesystems on RUGGEDCOM and SCALANCE product lines. System administrators responsible for storage management and online filesystem resizing in industrial control environments. Security teams monitoring ICS/OT infrastructure for kernel-level vulnerabilities affecting filesystem integrity.
Technical summary
The vulnerability exists in the Linux kernel's ext4 filesystem implementation, specifically related to online resizing operations when flexible block groups (flex bg) are configured with oversized parameters. The kernel patch resolves failures that could occur during these resize operations. Siemens industrial networking products utilizing SINEC OS incorporate the affected kernel component. The advisory impact classification of 'Misinformed' suggests potential for information disclosure or operational impacts rather than direct code execution. Affected product families include RUGGEDCOM RST2428P and SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family devices.
Defensive priority
medium
Recommended defensive actions
- Review Siemens ProductCERT advisory SSA-613116 for affected product versions and patch availability
- Apply kernel updates provided by Siemens for SINEC OS-based products as they become available
- Verify ext4 filesystem configurations on affected industrial systems to ensure proper flex bg sizing
- Monitor CISA ICS advisories for additional updates to ICSA-25-226-15
- Follow CISA ICS recommended practices for defense-in-depth strategies for industrial control systems
Evidence notes
CVE published 2025-08-12 per CISA CSAF advisory ICSA-25-226-15. Modified 2026-02-25. Source indicates impact category 'Misinformed' for affected Siemens products. Vendor confirmed via Siemens ProductCERT SSA-613116.
Official resources
- CVE-2023-52622 CVE record (CVE.org)
- CVE-2023-52622 NVD detail (NVD)
- Source item URL (cisa_csaf)
- Source reference (Reference)
2025-08-12