PatchSiren cyber security CVE debrief
CVE-2023-6606 Siemens CVE debrief
An out-of-bounds read vulnerability in the Linux Kernel's SMB client implementation (smbCalcSize in fs/smb/client/netmisc.c) affects Siemens industrial networking products. The vulnerability allows a local attacker to crash the system or leak internal kernel information. Siemens has assessed this vulnerability as **Misinformed** for affected product lines, indicating the reported impact does not apply to their specific implementations. The advisory was initially published on August 12, 2025, with subsequent revisions through February 25, 2026, including corrections to affected product lists and removal of rejected CVEs.
- Vendor: Siemens
- Product: RUGGEDCOM RST2428P (6GK6242-6PA00)
- CVSS: HIGH 7.1
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2025-08-12
- Original CVE updated: 2026-02-25
- Advisory published: 2025-08-12
- Advisory updated: 2026-02-25
Who should care
Organizations operating Siemens industrial networking infrastructure, particularly RUGGEDCOM and SCALANCE product families, should review this advisory to confirm their exposure assessment. Security teams managing Linux-based industrial systems with SMB client functionality should verify kernel versions and local access controls. ICS/OT security practitioners should incorporate this into defense-in-depth strategies for industrial networks.
Technical summary
The vulnerability exists in smbCalcSize() within fs/smb/client/netmisc.c in the Linux Kernel. An out-of-bounds read condition can occur, potentially allowing a local attacker to cause system crashes or leak kernel memory contents. Siemens has determined this vulnerability is **Misinformed** for their affected product lines (RUGGEDCOM RST2428P, SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family, SCALANCE XCM-/XRM-/XCH-/XRH-300 family), suggesting the reported vulnerability does not represent an actual security risk in their specific implementations. The advisory underwent multiple revisions between August 2025 and February 2026 to correct product impact assessments.
Defensive priority
medium
Recommended defensive actions
- Verify Siemens SINEC OS and SCALANCE/RUGGEDCOM firmware versions against Siemens ProductCERT SSA-613116 guidance
- Review local access controls on affected industrial networking devices to mitigate local attack vector
- Monitor Siemens security advisories for any reassessment of vulnerability impact
- Apply defense-in-depth practices for industrial control systems per CISA recommendations
Evidence notes
Siemens ProductCERT SSA-613116 advisory (via CISA CSAF ICSA-25-226-15) identifies CVE-2023-6606 as 'Misinformed' for RUGGEDCOM RST2428P and SCALANCE X-family products. The Linux Kernel vulnerability itself was originally identified in 2023, but Siemens' assessment and CISA republication occurred in 2025-2026.
Official resources
- CVE-2023-6606 CVE record (CVE.org)
- CVE-2023-6606 NVD detail (NVD)
- Source item URL (cisa_csaf)
2025-08-12