PatchSiren cyber security CVE debrief
CVE-2023-52817 Siemens CVE debrief
A null pointer dereference vulnerability in the Linux kernel's AMDGPU DRM driver, specifically in the `smc_rreg` pointer handling, has been identified and resolved. The vulnerability could allow an attacker to trigger a kernel crash through null pointer access when the `smc_rreg` function pointer is NULL. This affects Siemens industrial networking products that incorporate the vulnerable Linux kernel components, including RUGGEDCOM RST2428P and SCALANCE X-family switches running SINEC OS. The issue was disclosed in CISA advisory ICSA-25-226-15, which was initially published on August 12, 2025, and subsequently updated on February 25, 2026, to reflect corrections to affected product listings based on Siemens ProductCERT advisory SSA-613116. The vulnerability is classified as 'Misinformed' in the threat assessment, indicating potential for information disclosure or system instability rather than direct code execution. Organizations should apply vendor-provided firmware updates for affected SCALANCE and RUGGEDCOM devices and follow CISA's ICS recommended practices for defense-in-depth strategies.
- Vendor
- Siemens
- Product
- RUGGEDCOM RST2428P (6GK6242-6PA00)
- CVSS
- Unknown
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2025-08-12
- Original CVE updated
- 2026-02-25
- Advisory published
- 2025-08-12
- Advisory updated
- 2026-02-25
Who should care
Organizations operating Siemens SCALANCE X-family industrial Ethernet switches (XC-300/XR-300/XC-400/XR-500WG/XR-500, XCM-/XRM-/XCH-/XRH-300) and RUGGEDCOM RST2428P devices in industrial control system (ICS) environments. System administrators responsible for OT/ICS network infrastructure, security teams managing critical infrastructure, and compliance officers overseeing NERC CIP or similar industrial cybersecurity frameworks should prioritize assessment and patching.
Technical summary
The vulnerability exists in the AMDGPU (AMD GPU) Direct Rendering Manager (DRM) driver within the Linux kernel. The `smc_rreg` pointer, used for reading registers from the System Management Controller (SMC), can be NULL under certain conditions, leading to a null pointer dereference when accessed. This is a classic memory safety issue that results in kernel oops or panic, causing denial of service. The fix ensures proper null pointer checks before dereferencing `smc_rreg`. Affected Siemens products incorporate this vulnerable kernel component in their SINEC OS firmware for industrial Ethernet switches.
Defensive priority
medium
Recommended defensive actions
- Apply vendor-provided firmware updates for affected Siemens SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family, SCALANCE XCM-/XRM-/XCH-/XRH-300 family, and RUGGEDCOM RST2428P devices as specified in Siemens ProductCERT
- Implement network segmentation for industrial control systems to limit exposure of affected devices
- Monitor for anomalous system behavior or unexpected crashes on affected devices
- Follow CISA's ICS recommended practices for defense-in-depth cybersecurity strategies
- Review and update incident response procedures for industrial control system environments
Evidence notes
Vulnerability description sourced from CISA CSAF advisory ICSA-25-226-15. The advisory underwent multiple revisions: initial publication (2025-08-12), correction of affected products (2026-02-12), removal of rejected CVEs and unsupported version notes (2026-02-24), and final republication based on Siemens SSA-613116 (2026-02-25). The threat category is explicitly marked as 'Misinformed' with impact on products CSAFPID-0001, CSAFPID-0003, and CSAFPID-0004.
Official resources
-
CVE-2023-52817 CVE record
CVE.org
-
CVE-2023-52817 NVD detail
NVD
-
Source item URL
cisa_csaf
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
2025-08-12