PatchSiren cyber security CVE debrief
CVE-2023-52875 Siemens CVE debrief
A vulnerability in the Linux kernel's Mediatek clock driver (clk-mt2701) was resolved by adding a null-check for mtk_alloc_clk_data. The issue was a missing validation that could lead to undefined behavior if memory allocation failed. Siemens has assessed this CVE as **Misinformed** for their affected industrial networking products (RUGGEDCOM RST2428P, SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family, and SCALANCE XCM-/XRM-/XCH-/XRH-300 family), indicating the vulnerability does not actually affect these products as initially reported. The CVE was published on 2025-08-12 and last modified on 2026-02-25. No CVSS score is available. This is not a Known Exploited Vulnerability (KEV).
- Vendor
- Siemens
- Product
- RUGGEDCOM RST2428P (6GK6242-6PA00)
- CVSS
- Unknown
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2025-08-12
- Original CVE updated
- 2026-02-25
- Advisory published
- 2025-08-12
- Advisory updated
- 2026-02-25
Who should care
Organizations running Siemens RUGGEDCOM and SCALANCE industrial networking equipment; Linux kernel maintainers for Mediatek SoC support; OT security teams monitoring CISA ICS advisories
Technical summary
The vulnerability exists in the Mediatek clock driver for MT2701 SoCs in the Linux kernel. The fix adds a null-check for the return value of mtk_alloc_clk_data(), which allocates memory for clock data structures. Without this check, a failed memory allocation could result in null pointer dereference. The vulnerability is classified as CWE-476 (NULL Pointer Dereference). Siemens has determined this CVE does not actually affect their listed products despite initial inclusion in affected product lists.
Defensive priority
low
Recommended defensive actions
- Verify current firmware version on affected Siemens devices
- Review Siemens ProductCERT advisory SSA-613116 for product-specific guidance
- Apply vendor-recommended updates if applicable
- Monitor CISA ICS advisories for future updates
Evidence notes
The source CSAF document (ICSA-25-226-15) explicitly marks this CVE with threat category 'impact' and details 'Misinformed' for all affected product IDs (CSAFPID-0001, CSAFPID-0003, CSAFPID-0004). The CVE description indicates a kernel-level fix was implemented. No CVSS vector is provided in the source.
Official resources
-
CVE-2023-52875 CVE record
CVE.org
-
CVE-2023-52875 NVD detail
NVD
-
Source item URL
cisa_csaf
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
The vulnerability was resolved in the Linux kernel by adding a check for mtk_alloc_clk_data. Siemens ProductCERT published advisory SSA-613116, subsequently republished by CISA as ICSA-25-226-15. The CISA advisory was updated on 2026-02-25,