PatchSiren cyber security CVE debrief
CVE-2024-12718 Siemens CVE debrief
The supplied advisory data ties CVE-2024-12718 to Siemens products and remediation guidance, while the CVE description itself says the issue affects Python 3.12+ tarfile extraction filters. In the source corpus, the issue is rated medium severity and the vendor remediation is to update affected Siemens products to V3.3 or later. CISA republished the advisory on 2026-02-25 after the initial 2026-01-28 publication.
- Vendor: Siemens
- Product: RUGGEDCOM RST2428P (6GK6242-6PA00)
- CVSS: MEDIUM 5.3
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-01-28
- Original CVE updated: 2026-02-25
- Advisory published: 2026-01-28
- Advisory updated: 2026-02-25
Who should care
Organizations running the Siemens products named in the advisory, especially teams responsible for firmware/software maintenance, and developers or platform teams using Python 3.12+ tarfile extraction on untrusted archives.
Technical summary
The CVSS vector is network-reachable with no privileges or user interaction required and integrity impact only (CVSS 5.3, AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N). The CVE description says TarFile.extractall() and TarFile.extract() can be abused when filter="data" or filter="tar" is used, allowing metadata changes (such as last-modified timestamps) or chmod changes on files outside the extraction directory. The description also states that only Python 3.12 or later is affected, and that Python 3.14 changes the default filter to "data". The Siemens CSAF remediation in the source corpus is to update affected products to V3.3 or later.
Defensive priority
Medium: the issue is integrity-focused and not a full code-execution vulnerability in the provided description, but the exposure is network-reachable and the source corpus includes vendor remediation for multiple Siemens product lines.
Recommended defensive actions
- Identify whether any Siemens products listed in the advisory are deployed and compare them against the vendor remediation guidance.
- Update affected Siemens products to V3.3 or later using the Siemens support notice referenced by CISA.
- If you use Python tarfile extraction on untrusted archives, do not rely on filter="data" or filter="tar" as your only safeguard; validate archive members before extraction.
- Review source-distribution installation workflows for suspicious link entries before installing tar-based source packages.
- Track the Siemens and CISA advisory pages for any further scope clarification or additional remediation notes.
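The "validate archive contents before extraction" action above, shown as an added example that is not part of the advisory, the Siemens remediation, or the Python project's own code. It audits every member of a tar archive lexically (no filesystem access) before anything is written, rejecting absolute paths, parent-directory components, names that resolve outside the destination, and link, device or FIFO members; refusing link members is the conservative policy when the built-in filters cannot be relied upon, since the CVE concerns metadata being applied to files outside the extraction directory. Extraction still passes filter="data" where the interpreter supports it, as defence in depth rather than as the sole control. The two sample archives, the destination path and the helper names are constructed for this example.

```python
"""Pre-extraction audit of tar members (added example, not advisory or vendor code)."""
import io
import os
import tarfile
from dataclasses import dataclass, field
from typing import Optional


@dataclass
class AuditResult:
    accepted: list = field(default_factory=list)
    rejected: dict = field(default_factory=dict)  # member name -> reason

    @property
    def safe(self) -> bool:
        return not self.rejected


def member_problem(member: tarfile.TarInfo, dest: str) -> Optional[str]:
    """Return why this member must not be extracted, or None if it is acceptable."""
    name = member.name
    if not name or "\x00" in name:
        return "empty or NUL-containing name"
    if name.startswith("/") or os.path.isabs(name):
        return "absolute path"
    if ".." in name.split("/"):
        return "parent-directory component"
    # Lexical resolution against the destination; nothing touches the disk here.
    base = os.path.normpath(dest)
    target = os.path.normpath(os.path.join(base, name))
    if os.path.commonpath([base, target]) != base:
        return "resolves outside destination"
    # Links are where timestamp/chmod changes can land on files outside the tree.
    if member.issym() or member.islnk():
        return "symbolic or hard link member"
    if member.isdev() or member.isfifo():
        return "device or FIFO member"
    if not (member.isfile() or member.isdir()):
        return "unsupported member type"
    return None


def audit_archive(data: bytes, dest: str = "/tmp/extract") -> AuditResult:
    """Classify every member of an in-memory tar archive without extracting it."""
    result = AuditResult()
    with tarfile.open(fileobj=io.BytesIO(data), mode="r:*") as tar:
        for member in tar.getmembers():
            reason = member_problem(member, dest)
            if reason is None:
                result.accepted.append(member.name)
            else:
                result.rejected[member.name] = reason
    return result


def extract_if_clean(data: bytes, dest: str) -> AuditResult:
    """Extract only when the audit found nothing; keep the data filter as a second layer."""
    result = audit_archive(data, dest)
    if result.safe:
        with tarfile.open(fileobj=io.BytesIO(data), mode="r:*") as tar:
            if hasattr(tarfile, "data_filter"):  # Python 3.12+ and backports
                tar.extractall(dest, filter="data")
            else:
                tar.extractall(dest)
    return result


def _build_tar(members) -> bytes:
    """Constructed test fixture: (name, kind, payload) triples -> tar bytes."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        for name, kind, payload in members:
            info = tarfile.TarInfo(name)
            if kind == "file":
                info.size = len(payload)
                tar.addfile(info, io.BytesIO(payload))
            elif kind == "dir":
                info.type = tarfile.DIRTYPE
                tar.addfile(info)
            elif kind == "symlink":
                info.type = tarfile.SYMTYPE
                info.linkname = payload
                tar.addfile(info)
    return buf.getvalue()


# Constructed sample archives, not real-world artifacts.
CLEAN_TAR = _build_tar([("pkg", "dir", b""), ("pkg/README", "file", b"hello\n")])
SUSPECT_TAR = _build_tar([
    ("pkg/README", "file", b"hello\n"),
    ("../escape.txt", "file", b"x"),
    ("/abs.txt", "file", b"x"),
    ("pkg/link", "symlink", "somewhere/else"),
])

if __name__ == "__main__":
    for label, blob in (("clean", CLEAN_TAR), ("suspect", SUSPECT_TAR)):
        r = audit_archive(blob)
        print(label, "safe" if r.safe else "REJECTED", r.rejected)
```

The audit runs over `getmembers()` output, so it sees the names exactly as tarfile parsed them (directory names come back without a trailing slash). Treat a single rejected member as grounds to refuse the whole archive rather than extracting the remainder.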
Evidence notes
The source corpus contains an apparent scope inconsistency: the CVE narrative is about Python tarfile extraction filters, while the CSAF advisory metadata and remediation entries are for Siemens products. This debrief reflects both parts of the supplied corpus and avoids assuming which product scope is definitive beyond the cited sources. Timing context used here is taken from the supplied source dates: published 2026-01-28 and modified 2026-02-25.
Official resources
- CVE-2024-12718 CVE record (CVE.org)
- CVE-2024-12718 NVD detail (NVD)
- Source item URL (cisa_csaf)
- Source reference (Reference)
Publicly disclosed in the supplied source corpus on 2026-01-28, with CISA republication updates recorded on 2026-02-12, 2026-02-24, and 2026-02-25. The debrief uses the source-supplied published and modified dates, not generation time.