PatchSiren cyber security CVE debrief
CVE-2024-26600 Siemens CVE debrief
CVE-2024-26600 is a NULL pointer dereference in the Texas Instruments OMAP USB2 PHY driver (phy-omap-usb2) in the Linux kernel, affecting its Session Request Protocol (SRP) code path; the issue has been fixed upstream. Siemens has identified the CVE as applicable to certain industrial networking products running SINEC OS, including the RUGGEDCOM RST2428P and SCALANCE X-family switches. CISA advisory ICSA-25-226-15, published August 12, 2025 and updated through February 25, 2026, tracks this vulnerability. The February 2026 revisions corrected product impact assessments (moving some entries from affected to not affected) and removed rejected CVEs from the advisory. The CSAF data classifies the impact as 'Misinformed', indicating potential for information disclosure or system misbehavior rather than direct code execution. No CVSS score is available in the provided source data, and the CVE is not listed in CISA's Known Exploited Vulnerabilities (KEV) catalog.
- Vendor: Siemens
- Product: RUGGEDCOM RST2428P (6GK6242-6PA00)
- CVSS: Unknown
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2025-08-12
- Original CVE updated: 2026-02-25
- Advisory published: 2025-08-12
- Advisory updated: 2026-02-25
Who should care
Organizations operating Siemens industrial networking equipment including RUGGEDCOM RST2428P and SCALANCE X-family switches (XC-300/XR-300/XC-400/XR-500WG/XR-500, XCM-/XRM-/XCH-/XRH-300 families). Industrial control system operators utilizing Linux-based embedded systems with TI OMAP USB2 PHY components. Security teams responsible for OT/ICS infrastructure patch management and vulnerability assessment.
Technical summary
The vulnerability exists in the Texas Instruments OMAP USB2 PHY driver (drivers/phy/ti/phy-omap-usb2.c) in the Linux kernel. A NULL pointer dereference occurs in the Session Request Protocol (SRP) code path, potentially triggered when SRP-related operations are performed without proper initialization checks; the upstream fix resolves the NULL pointer condition. This kernel-level vulnerability affects embedded systems and industrial devices using the OMAP USB2 PHY with SRP functionality. Siemens has confirmed impact to select networking products running SINEC OS, though advisory revisions indicate that some initially listed products were subsequently determined not to be affected.
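As an added illustration of the failure mode described above (not code from the Linux driver, the kernel fix, or Siemens): a simplified C model of a PHY whose SRP hook is supplied by an optional companion component, showing the unchecked call beside a checked one that fails gracefully. The struct and function names are assumptions for illustration only.

```c
#include <stdio.h>
#include <errno.h>

/* Hypothetical model of an OTG PHY "comparator" whose SRP hook is optional:
 * a companion PHY may never register start_srp. Names and layout are
 * assumptions for illustration, not the kernel driver's own definitions. */
struct srp_comparator {
    int (*start_srp)(struct srp_comparator *comp);
};

struct usb2_phy {
    struct srp_comparator *comparator; /* NULL until a companion registers */
};

/* Vulnerable pattern: the SRP path assumes a comparator and its start_srp
 * hook exist. If either is missing this dereferences NULL in kernel context,
 * i.e. an oops/crash rather than a controlled error. */
int phy_start_srp_unchecked(struct usb2_phy *phy)
{
    return phy->comparator->start_srp(phy->comparator);
}

/* Hardened pattern: validate the optional dependency before use and return
 * an error code so the caller can fail gracefully instead of crashing. */
int phy_start_srp_checked(struct usb2_phy *phy)
{
    if (!phy || !phy->comparator || !phy->comparator->start_srp)
        return -ENODEV;
    return phy->comparator->start_srp(phy->comparator);
}

/* Constructed stand-in for a companion PHY that does implement SRP. */
static int stub_start_srp(struct srp_comparator *comp) { (void)comp; return 0; }
static struct srp_comparator stub_comparator = { .start_srp = stub_start_srp };

/* Exercise the checked path in both registration states. */
int demo_srp(int with_comparator)
{
    struct usb2_phy phy = { .comparator = with_comparator ? &stub_comparator : NULL };
    return phy_start_srp_checked(&phy);
}

int main(void)
{
    printf("no comparator: %d, with comparator: %d\n", demo_srp(0), demo_srp(1));
    return 0;
}
```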
Defensive priority
medium
Recommended defensive actions
- Review Siemens ProductCERT advisory SSA-613116 for detailed product impact and patch availability
- Verify SINEC OS version on affected SCALANCE and RUGGEDCOM devices; ensure version 3.1 or later is deployed per advisory revision notes
- Apply kernel updates or vendor-provided firmware patches addressing the phy-omap-usb2 NULL pointer dereference
- Monitor CISA ICS advisories for additional guidance on industrial control system defensive measures
- Implement network segmentation for industrial control systems per CISA recommended practices to limit exposure of affected devices
Evidence notes
Vulnerability description sourced from Linux kernel commit message indicating NULL pointer dereference fix in phy-omap-usb2 driver for SRP. Vendor attribution to Siemens RUGGEDCOM RST2428P and SCALANCE products confirmed through CISA CSAF advisory ICSA-25-226-15. Timeline derived from CSAF revision history showing initial publication 2025-08-12 and updates through 2026-02-25. Impact classification 'Misinformed' per CSAF threats field. Not a KEV per enrichment data.
Official resources
- CVE-2024-26600 CVE record (CVE.org)
- CVE-2024-26600 NVD detail (NVD)
- Source item URL (cisa_csaf)
2025-08-12