PatchSiren cyber security CVE debrief
CVE-2023-52774 Siemens CVE debrief
A race condition vulnerability in the Linux kernel's s390 DASD (Direct Access Storage Device) driver, where concurrent access to the device queue was not properly protected. The vulnerability was resolved by adding proper synchronization mechanisms to protect the device queue against concurrent access. The issue affects Siemens industrial networking products running SINEC OS, specifically the RUGGEDCOM RST2428P and SCALANCE X family switches. CISA published this advisory on August 12, 2025, with subsequent updates through February 25, 2026, including corrections to affected product lists and removal of rejected CVEs. No CVSS score or severity rating is available in the source data. The vulnerability is not listed in CISA's Known Exploited Vulnerabilities (KEV) catalog.
- Vendor: Siemens
- Product: RUGGEDCOM RST2428P (6GK6242-6PA00)
- CVSS: Unknown
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2025-08-12
- Original CVE updated: 2026-02-25
- Advisory published: 2025-08-12
- Advisory updated: 2026-02-25
Who should care
Organizations operating Siemens industrial networking infrastructure, particularly those deploying RUGGEDCOM RST2428P or SCALANCE X series switches in critical infrastructure environments. System administrators responsible for OT/ICS network security and patch management should prioritize vendor guidance.
Technical summary
The vulnerability exists in the s390 DASD (Direct Access Storage Device) driver within the Linux kernel. The device queue was susceptible to concurrent access without proper synchronization, creating a race condition. The resolution involved implementing protection mechanisms to serialize access to the device queue. This kernel-level issue propagates to Siemens industrial networking products utilizing affected Linux kernel versions in their SINEC OS firmware, specifically impacting RUGGEDCOM RST2428P switches and SCALANCE X family managed switches (XC-300/XR-300/XC-400/XR-500WG/XR-500 and XCM-/XRM-/XCH-/XRH-300 families).
Defensive priority
medium
Recommended defensive actions
- Review Siemens ProductCERT advisory SSA-613116 for specific affected product versions and available patches
- Apply vendor-provided firmware updates for SINEC OS on affected SCALANCE and RUGGEDCOM devices
- Implement network segmentation for industrial control systems per CISA recommended practices
- Monitor vendor security advisories for additional updates to affected product families
Evidence notes
Source indicates this vulnerability was resolved in the Linux kernel with a fix to protect the s390/dasd device queue against concurrent access. The CISA CSAF advisory ICSA-25-226-15 was initially published on 2025-08-12 and subsequently modified on 2026-02-25 to correct affected product listings and remove rejected CVEs. Siemens ProductCERT advisory SSA-613116 is the authoritative source for product-specific impact and remediation guidance.
Official resources
- CVE-2023-52774 CVE record (CVE.org)
- CVE-2023-52774 NVD detail (NVD)
- Source item URL (cisa_csaf)
- Source reference (Reference)
2025-08-12