PatchSiren cyber security CVE debrief
CVE-2024-25741 Siemens CVE debrief
CVE-2024-25741 is a medium-severity (CVSS 3.1 base score 5.5) vulnerability in the Linux kernel's USB gadget printer function driver (drivers/usb/gadget/function/f_printer.c), affecting kernel versions through 6.7.4. The flaw is improper handling of the usb_ep_queue call in printer_write, which can let a local attacker cause a denial of service or have other unspecified impact. Siemens has identified the issue as affecting industrial networking products running SINEC OS, specifically the RUGGEDCOM RST2428P and SCALANCE X-family switches. The Siemens and CISA advisories tracking this CVE were first published on August 12, 2025 and revised through February 25, 2026, including corrections to the affected-product list and removal of rejected CVEs. Siemens' vendor fix is an update to SINEC OS V3.1 or later for the affected SCALANCE products.
- Vendor: Siemens
- Product: RUGGEDCOM RST2428P (6GK6242-6PA00)
- CVSS: MEDIUM 5.5
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2025-08-12
- Original CVE updated: 2026-02-25
- Advisory published: 2025-08-12
- Advisory updated: 2026-02-25
Who should care
Organizations operating Siemens SCALANCE X-family industrial Ethernet switches or RUGGEDCOM RST2428P devices, particularly where USB connectivity features are enabled. Industrial control system operators relying on SINEC OS-based networking infrastructure should prioritize the firmware update. Security teams responsible for OT/ICS environments that contain other Linux-based embedded systems using USB gadget modes should also check those systems, since the underlying defect is in the mainline kernel rather than in Siemens-specific code.
Technical summary
The defect is in printer_write in drivers/usb/gadget/function/f_printer.c, the write() handler of the character device (/dev/g_printerN) that the gadget printer function exposes to local userspace; data written there is handed to the USB device controller with usb_ep_queue, and that call is not handled properly. The CVE describes the result as denial of service or unspecified other impact, and the CVSS vector (AV:L/AC:L/PR:L/UI:N) scopes it to a local attacker with low privileges and no user interaction, in practice one who can open that device node for writing. The code path is only reachable where the Linux system acts as a USB device (peripheral) emulating a printer towards a USB host; it is not reached by plugging a printer into one of the system's own host ports. Siemens has confirmed impact to SINEC OS-based industrial networking products built on affected kernel versions, specifically the SCALANCE XC-300, XR-300, XC-400, XR-500WG and XR-500 families and the RUGGEDCOM RST2428P.
Defensive priority
medium
Recommended defensive actions
- Apply the vendor fix: update affected SCALANCE XC-300, XR-300, XC-400, XR-500WG and XR-500 family products to SINEC OS V3.1 or later
- Review and implement CISA's recommended practices for ICS defense in depth
- Assess which deployed industrial devices act as a USB peripheral with the gadget printer function enabled, and which local principals can reach them
- Monitor Siemens ProductCERT advisory SSA-613116 for additional product-specific guidance, including for the RUGGEDCOM RST2428P
- On RUGGEDCOM RST2428P devices, verify the configuration to determine whether USB printer gadget functionality is enabled; because the attack vector is local and low-privilege, exposure depends on who has local access to the device
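As an added example (not code from Siemens, CISA, the kernel project or this page's sources), the following POSIX shell script shows how a defender would carry out the last three actions above on Linux-based embedded or general-purpose hosts that they can log into. It classifies a kernel version against the CVE's stated range (through 6.7.4, so 6.7.5 is the first fixed mainline release) and looks in the three standard places the gadget printer function shows up: the usb_f_printer or g_printer module in /proc/modules, a printer.* function instance under a configfs-composed gadget in /sys/kernel/config/usb_gadget, and the /dev/g_printerN character device whose write() handler is printer_write. SINEC OS switches are closed firmware, so for them the check is the SSA-613116 product list, not this script; the version test also only reflects the range the CVE text states and says nothing about stable-series or vendor backports of the fix, which is why a hit is reported as "in-range" rather than "vulnerable".

```shell
#!/bin/sh
# Added triage helper for CVE-2024-25741 on Linux hosts with shell access.
# Constructed example, not Siemens, CISA or kernel code. SINEC OS devices are
# closed firmware: check them against SSA-613116, not with this script.

# kver_in_cve_range VERSION
#   Returns 0 if VERSION is inside the range the CVE text states ("through
#   6.7.4", first fixed mainline release 6.7.5), 1 if it is newer, 2 if it
#   cannot be parsed. The fix was also backported into stable series, so 0
#   means "inside the stated range, confirm against your distro or vendor
#   changelog", not "confirmed vulnerable".
kver_in_cve_range() {
    _v=${1%%-*}                 # drop "-generic", "-rt", "-rcN" suffixes
    _v=${_v%%+*}                # drop "+" local-build markers
    case "$_v" in
        *.*) ;;
        *) return 2 ;;          # need at least major.minor
    esac
    _maj=${_v%%.*}
    _rest=${_v#*.}
    _min=${_rest%%.*}
    _rest=${_rest#"$_min"}
    _rest=${_rest#.}
    _pat=${_rest%%.*}
    [ -n "$_pat" ] || _pat=0    # "6.7" means 6.7.0
    case "$_maj$_min$_pat" in
        *[!0-9]*) return 2 ;;
    esac
    # Fold the three fields into one integer so the range test is a single
    # comparison; 1000 per field is ample for real kernel numbering, and
    # 6007004 encodes 6.7.4.
    _num=$((_maj * 1000000 + _min * 1000 + _pat))
    [ "$_num" -le 6007004 ]
}

# kver_verdict VERSION
#   One-word classification for inventory reports.
kver_verdict() {
    if kver_in_cve_range "$1"; then
        echo in-range
    else
        case $? in
            1) echo out-of-range ;;
            *) echo unparseable ;;
        esac
    fi
}

# gadget_printer_indicators
#   Prints evidence that the gadget printer function is present on this host
#   and returns 0 if anything was found, 1 otherwise. A driver built into the
#   kernel (not as a module) leaves no /proc/modules entry, so the configfs and
#   /dev checks are the decisive ones.
gadget_printer_indicators() {
    _found=1
    if [ -r /proc/modules ] && grep -Eq '^(usb_f_printer|g_printer) ' /proc/modules; then
        echo "module loaded: $(grep -Eo '^(usb_f_printer|g_printer)' /proc/modules | tr '\n' ' ')"
        _found=0
    fi
    for _f in /sys/kernel/config/usb_gadget/*/functions/printer.*; do
        [ -e "$_f" ] || continue            # glob did not match anything
        echo "configfs gadget function: $_f"
        _found=0
    done
    # printer_write is the write() handler of this node; PR:L in the CVSS vector
    # means whoever can open it for writing is the relevant local principal, so
    # the owner, group and mode are part of the finding.
    for _d in /dev/g_printer*; do
        [ -e "$_d" ] || continue
        echo "chardev: $(ls -l "$_d")"
        _found=0
    done
    return $_found
}

# Stand-alone run: report on the current host.
_running=$(uname -r)
echo "kernel $_running: $(kver_verdict "$_running") for CVE-2024-25741 (stated range: through 6.7.4)"
gadget_printer_indicators || echo "no gadget printer function indicators found"
```

Run it as an unprivileged user first; if the /dev/g_printerN node is writable by that user, the host matches the CVSS attack prerequisites regardless of what the kernel version test says.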
Evidence notes
The CVE description places the vulnerability in the Linux kernel through 6.7.4. Siemens ProductCERT advisory SSA-613116 and CISA ICS advisory ICSA-25-226-15 document the affected industrial control products. The CVSS 3.1 vector AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H describes a local attack vector with low attack complexity, low privileges required, no user interaction, unchanged scope, no confidentiality or integrity impact, and high availability impact, consistent with the denial-of-service outcome in the CVE text. The advisory revision history shows multiple updates correcting product impact assessments between February 12 and February 25, 2026.
Official resources
- CVE-2024-25741 CVE record (CVE.org)
- CVE-2024-25741 NVD detail (NVD)
- Source item: CISA CSAF (cisa_csaf)