CVE-2023-52809 Siemens CVE debrief

Who should care

Organizations operating Siemens SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family, SCALANCE XCM-/XRM-/XCH-/XRH-300 family, or RUGGEDCOM RST2428P industrial switches in critical infrastructure environments.

Technical summary

The vulnerability exists in fc_lport_ptp_setup() within the Linux kernel's libfc SCSI over Fibre Channel implementation. A potential NULL pointer dereference could occur, leading to kernel crash or denial of service. The issue was resolved upstream. Siemens SINEC OS, used in industrial Ethernet switches, incorporates affected kernel components. The CISA advisory republished 2026-02-25 reflects updates from Siemens ProductCERT SSA-613116, including corrections to affected product lists and removal of unsupported version references.

Defensive priority

medium

Recommended defensive actions

• Review Siemens SSA-613116 security advisory for affected product versions and patch availability
• Apply vendor-provided firmware updates for SINEC OS on affected SCALANCE and RUGGEDCOM devices
• Monitor CISA ICS advisories for additional guidance on industrial control system security practices

Evidence notes

CVE published 2025-08-12 per CISA CSAF source. Modified 2026-02-25. Source indicates vulnerability resolved in Linux kernel scsi: libfc. Siemens SSA-613116 is canonical source. Threat category 'Misinformed' applied to CSAFPID-0001, CSAFPID-0004, CSAFPID-0003.

Official resources