PatchSiren cyber security CVE debrief
CVE-2023-52853 Siemens CVE debrief
A vulnerability in the Linux kernel's HID CP2112 driver allowed duplicate workqueue initialization, which could lead to system instability or undefined behavior. The issue was resolved by fixing the duplicate initialization in the driver code. Siemens has assessed this vulnerability as affecting certain industrial networking products running SINEC OS, which incorporates the vulnerable Linux kernel component. The vulnerability was originally resolved in the upstream Linux kernel and subsequently addressed in affected Siemens products through security updates.
- Vendor: Siemens
- Product: RUGGEDCOM RST2428P (6GK6242-6PA00)
- CVSS: Unknown
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2025-08-12
- Original CVE updated: 2026-02-25
- Advisory published: 2025-08-12
- Advisory updated: 2026-02-25
Who should care
Organizations operating Siemens SCALANCE X-family switches, RUGGEDCOM RST2428P devices, or other industrial networking equipment running SINEC OS should prioritize patching. System administrators managing industrial control system networks and security teams responsible for OT/ICS infrastructure should monitor this advisory for patch availability and deployment guidance.
Technical summary
The vulnerability exists in the CP2112 HID driver within the Linux kernel, where duplicate workqueue initialization could occur. The CP2112 is a USB-to-I2C bridge device commonly used in embedded and industrial applications. Duplicate workqueue initialization can lead to resource leaks, system instability, or kernel warnings. The fix ensures proper single initialization of the workqueue. Siemens industrial networking products incorporating this kernel component are affected, with patches available through SINEC OS updates.
Defensive priority
routine
Recommended defensive actions
- Review Siemens ProductCERT advisory SSA-613116 for specific affected product versions and patch availability
- Apply security updates provided by Siemens for affected SCALANCE and RUGGEDCOM devices
- Verify SINEC OS version on affected devices and upgrade to patched versions as recommended
- Monitor CISA ICS advisories for additional guidance on industrial control system security practices
Evidence notes
The vulnerability description indicates a duplicate workqueue initialization issue in the hid:cp2112 Linux kernel driver. Siemens ProductCERT advisory SSA-613116 (referenced via CISA CSAF ICSA-25-226-15) identifies affected products including RUGGEDCOM RST2428P and SCALANCE X-family devices. The source advisory was initially published 2025-08-12 and subsequently revised 2026-02-12, 2026-02-24, and 2026-02-25 to correct affected product listings and remove rejected CVEs. The threat assessment in the source material categorizes impact as 'Misinformed' for the affected product IDs.
Official resources
- CVE-2023-52853 CVE record (CVE.org)
- CVE-2023-52853 NVD detail (NVD)
- Source item URL (cisa_csaf)
- Source reference (Reference)