CVE-2023-52867 Siemens CVE debrief

Who should care

Organizations operating Siemens industrial networking equipment including RUGGEDCOM RST2428P switches and SCALANCE X-family managed switches in critical infrastructure, manufacturing, and utility environments.

Technical summary

Buffer overflow vulnerability in Linux kernel drm/radeon driver. Affects Siemens industrial networking products running SINEC OS. Kernel patch available upstream; vendor firmware updates advised.

Defensive priority

medium

Recommended defensive actions

• Verify kernel version on affected Siemens SINEC OS devices (RUGGEDCOM RST2428P, SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family, SCALANCE XCM-/XRM-/XCH-/XRH-300 family)
• Consult Siemens ProductCERT advisory SSA-613116 for specific patch availability and version guidance
• Apply vendor-provided firmware updates when available per organizational change management procedures
• Monitor CISA ICS advisories for updates to ICSA-25-226-15
• Review and validate threat intelligence sources given the 'Misinformed' impact classification in source data

Evidence notes

The source CISA CSAF advisory ICSA-25-226-15 was initially published 2025-08-12 and most recently modified 2026-02-25 to incorporate Siemens ProductCERT SSA-613116. The CVE description indicates the vulnerability was resolved in the Linux kernel. Siemens ProductCERT references are provided for technical details. The threat category 'Misinformed' in the source CSAF suggests this CVE entry may have classification or scoping issues requiring verification.

Official resources