PatchSiren cyber security CVE debrief
CVE-2023-52791 Siemens CVE debrief
A vulnerability in the Linux kernel's I2C subsystem could cause system instability or crashes when I2C transfers are attempted in non-preemptible contexts. The issue stems from the I2C core not properly handling atomic transfers when preemption is disabled, potentially leading to scheduling violations or deadlocks. Siemens has identified this vulnerability as affecting certain industrial networking products running SINEC OS, including the RUGGEDCOM RST2428P and SCALANCE X-family switches. The vulnerability was resolved by modifying the I2C core to run atomic transfers when !preemptible. Organizations should apply vendor-provided updates and follow defense-in-depth practices for industrial control systems.
- Vendor: Siemens
- Product: RUGGEDCOM RST2428P (6GK6242-6PA00)
- CVSS: Unknown
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2025-08-12
- Original CVE updated: 2026-02-25
- Advisory published: 2025-08-12
- Advisory updated: 2026-02-25
Who should care
Organizations operating Siemens industrial networking infrastructure, particularly those deploying SCALANCE X-family switches or RUGGEDCOM devices in critical infrastructure environments. System administrators responsible for maintaining firmware security in OT/ICS environments should prioritize applying vendor patches as they become available.
Technical summary
The vulnerability exists in the Linux kernel's I2C core subsystem. When I2C transfers are initiated in contexts where preemption is disabled (!preemptible), the system may encounter scheduling violations or instability. The fix ensures that atomic I2C transfers are used in these contexts. This kernel-level issue affects Siemens industrial networking products that incorporate the vulnerable kernel code, specifically the RUGGEDCOM RST2428P and SCALANCE X-family switches (XC-300/XR-300/XC-400/XR-500WG/XR-500, XCM-/XRM-/XCH-/XRH-300 families) running SINEC OS.
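The following added example is a user-space model of the transfer-mode decision described above; it is not kernel source and not code from Siemens or the advisory. The `struct ctx` fields and all function names are hypothetical, and the pre-fix check keyed only on disabled interrupts is an assumption made to show the gap.

```c
#include <stdbool.h>
#include <stdio.h>

/* Constructed model of an execution context; not kernel code. */
struct ctx {
    bool late_state;    /* models shutdown/restart/panic, after normal running */
    bool irqs_off;      /* models interrupts being disabled */
    int  preempt_count; /* > 0 models preemption being disabled */
};

/* Models "preemptible": the scheduler may switch tasks only if both hold. */
static bool model_preemptible(const struct ctx *c)
{
    return c->preempt_count == 0 && !c->irqs_off;
}

/* Assumed pre-fix decision: atomic transfer only when interrupts are off. */
static bool atomic_xfer_before(const struct ctx *c)
{
    return c->late_state && c->irqs_off;
}

/* Post-fix decision as the page states it: atomic transfer when !preemptible. */
static bool atomic_xfer_after(const struct ctx *c)
{
    return c->late_state && !model_preemptible(c);
}

/* The failure mode: a sleeping (non-atomic) transfer where scheduling is forbidden. */
static bool sleeps_in_nonpreemptible(const struct ctx *c, bool use_atomic)
{
    return !use_atomic && !model_preemptible(c);
}

int main(void)
{
    /* Constructed cases: normal runtime, restart with preemption off, restart with IRQs off. */
    const struct ctx cases[] = { {false, false, 0}, {true, false, 1}, {true, true, 0} };
    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++) {
        const struct ctx *c = &cases[i];
        printf("case %zu: before=%s after=%s\n", i,
               sleeps_in_nonpreemptible(c, atomic_xfer_before(c)) ? "VIOLATION" : "ok",
               sleeps_in_nonpreemptible(c, atomic_xfer_after(c)) ? "VIOLATION" : "ok");
    }
    return 0;
}
```

Only the middle case differs: preemption is disabled while interrupts stay enabled, which is the context the fix covers.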
Defensive priority
medium
Recommended defensive actions
- Apply vendor-provided firmware updates for affected Siemens SCALANCE and RUGGEDCOM products per Siemens ProductCERT guidance
- Implement network segmentation for industrial control systems to limit exposure of vulnerable devices
- Follow CISA recommended practices for industrial control systems defense in depth
- Monitor vendor security advisories for additional affected products or updated remediation guidance
Evidence notes
The vulnerability description indicates a kernel-level issue in I2C core transfer handling. The CISA CSAF advisory ICSA-25-226-15 (published 2025-08-12, modified 2026-02-25) identifies affected Siemens products. The advisory's threat assessment categorizes impact as 'Misinformed' for affected product IDs. Siemens ProductCERT advisory SSA-613116 is the canonical source for remediation guidance. No CVSS score is available in the source corpus. The vulnerability is not listed in CISA KEV.
Official resources
- CVE-2023-52791 CVE record (CVE.org)
- CVE-2023-52791 NVD detail (NVD)
- Source item URL (cisa_csaf)
2025-08-12