PatchSiren cyber security CVE debrief
CVE-2023-52919 Siemens CVE debrief
A NULL pointer dereference vulnerability in the Linux kernel's NFC (Near Field Communication) NCI (NFC Controller Interface) subsystem was resolved in the `send_acknowledge()` function. The vulnerability could allow a local attacker to trigger a kernel crash through a NULL pointer dereference. Siemens has assessed this vulnerability as not affecting their RUGGEDCOM RST2428P and SCALANCE product families, marking the impact as 'Misinformed' in their security advisory. The CVE was published on August 12, 2025, with subsequent modifications through February 25, 2026, including corrections to affected product listings and removal of rejected CVEs from related advisories.
- Vendor: Siemens
- Product: RUGGEDCOM RST2428P (6GK6242-6PA00)
- CVSS: Unknown
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2025-08-12
- Original CVE updated: 2026-02-25
- Advisory published: 2025-08-12
- Advisory updated: 2026-02-25
Who should care
Linux kernel maintainers and system administrators managing NFC-enabled systems; industrial operators using Siemens SCALANCE and RUGGEDCOM networking equipment seeking clarification on vulnerability applicability; security teams tracking kernel-level vulnerabilities in embedded and industrial systems.
Technical summary
The vulnerability exists in the Linux kernel's NFC Controller Interface (NCI) implementation, specifically in the `send_acknowledge()` function. A NULL pointer dereference condition could be triggered, potentially leading to a kernel crash. The fix adds a NULL check before the pointer is dereferenced. Siemens has determined that their industrial networking products (RUGGEDCOM RST2428P, SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family, and SCALANCE XCM-/XRM-/XCH-/XRH-300 family) are not affected by this vulnerability despite their initial inclusion in affected product lists, as reflected in advisory revisions dated February 12 and February 24, 2026.
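The bug class behind this CVE is an allocator result used without a NULL check. The following is an added illustration written for this debrief; it is not the Linux kernel's NCI code and not taken from the Siemens or CISA advisories. The names `ack_frame`, `send_ack_unchecked`, `send_ack_checked` and the pluggable allocator are hypothetical and exist only so that allocation failure can be simulated in user space.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical, simplified model of the bug class: a small frame that a
 * driver would fill in and hand to a transport layer. */
typedef struct {
    size_t len;
    unsigned char data[8];
} ack_frame;

/* Allocator hook so a caller (or a test) can simulate memory-allocation
 * failure instead of relying on the system running out of memory. */
typedef ack_frame *(*frame_alloc_fn)(void);

ack_frame *real_alloc(void)    { return calloc(1, sizeof(ack_frame)); }
ack_frame *failing_alloc(void) { return NULL; }   /* simulated OOM */

/* Unfixed pattern (illustrative): the allocator's return value is used
 * immediately. If alloc() returns NULL, f->len is a NULL pointer
 * dereference; in kernel context that is a crash (oops/panic). */
int send_ack_unchecked(frame_alloc_fn alloc, unsigned char ack_type, ack_frame **out)
{
    ack_frame *f = alloc();
    f->len = 1;
    f->data[0] = ack_type;
    *out = f;
    return 0;
}

/* Fixed pattern: validate the pointer before touching it and report the
 * failure to the caller with an error code rather than crashing. */
int send_ack_checked(frame_alloc_fn alloc, unsigned char ack_type, ack_frame **out)
{
    ack_frame *f = alloc();
    if (!f)
        return -ENOMEM;
    f->len = 1;
    f->data[0] = ack_type;
    *out = f;
    return 0;
}

int main(void)
{
    ack_frame *f = NULL;

    /* Under allocation failure the fixed version degrades gracefully. */
    int rc = send_ack_checked(failing_alloc, 0x01, &f);
    printf("checked, failing allocator: rc=%d (expected %d)\n", rc, -ENOMEM);

    /* With a working allocator both versions behave the same. */
    rc = send_ack_checked(real_alloc, 0x01, &f);
    printf("checked, real allocator: rc=%d len=%zu type=0x%02x\n", rc, f->len, f->data[0]);
    free(f);

    /* send_ack_unchecked(failing_alloc, ...) is deliberately not run here:
     * it would dereference NULL and terminate the process. */
    return 0;
}
```

The only difference between the two functions is the `if (!f)` guard; reviewing every site where an allocation result is dereferenced without such a guard is the practical way to find this class of defect in driver code.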
Defensive priority
low
Recommended defensive actions
- Verify Linux kernel version and apply upstream kernel patches addressing NFC NCI NULL pointer dereference in send_acknowledge()
- Review Siemens ProductCERT SSA-613116 advisory for definitive product impact assessment
- For Siemens SCALANCE and RUGGEDCOM deployments, confirm current firmware version against vendor security notifications
- Implement network segmentation for industrial control systems per CISA ICS recommended practices
- Monitor CISA ICS advisories for updates to ICSA-25-226-15
Evidence notes
The vulnerability description indicates a NULL pointer dereference fix in the Linux kernel's NFC NCI subsystem. Siemens ProductCERT advisory SSA-613116, republished by CISA as ICSA-25-226-15, explicitly marks the impact as 'Misinformed' for the affected product IDs, indicating these products are not actually vulnerable. The revision history shows multiple updates correcting product listings and removing rejected CVEs.
Official resources
- CVE-2023-52919 CVE record (CVE.org)
- CVE-2023-52919 NVD detail (NVD)
- Source item URL (cisa_csaf)
- Source reference (Reference)
2025-08-12