PatchSiren

PatchSiren cyber security CVE debrief

CVE-2024-26720 Siemens CVE debrief

A divide-by-zero vulnerability in the Linux kernel's writeback code (mm/writeback) was fixed upstream. The flaw was in the wb_dirty_limits() function. Siemens has assessed this CVE as **Misinformed** for affected industrial networking products (RUGGEDCOM RST2428P, SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family, and SCALANCE XCM-/XRM-/XCH-/XRH-300 family) per CISA advisory ICSA-25-226-15. The CVE was published on 2025-08-12 and last modified on 2026-02-25. This CVE is **not** listed in CISA's Known Exploited Vulnerabilities (KEV) catalog.

Vendor: Siemens
Product: RUGGEDCOM RST2428P (6GK6242-6PA00)
CVSS: Unknown
CISA KEV: Not listed in stored evidence
Original CVE published: 2025-08-12
Original CVE updated: 2026-02-25
Advisory published: 2025-08-12
Advisory updated: 2026-02-25

Who should care

Operators of Siemens SCALANCE and RUGGEDCOM industrial networking equipment; security teams tracking Linux kernel vulnerabilities in embedded/OT environments

Technical summary

The vulnerability is a divide-by-zero condition in wb_dirty_limits(), a function in the Linux kernel's memory management writeback subsystem that calculates dirty page limits for writeback control. A divide-by-zero in this path can crash the kernel, i.e. a denial-of-service condition. However, Siemens has assessed this CVE as 'Misinformed' for its affected product lines, indicating that the vulnerability either does not affect these products or that the initial impact assessment was incorrect. The underlying kernel fix was applied upstream.
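As an added illustration of the failure class (this is not the kernel's wb_dirty_limits() code and is not taken from the Siemens or CISA advisory), the C model below derives a per-device dirty threshold by scaling a global limit with a fraction that can be 0/0 before any writeback has completed, and places the guarded form beside the unguarded one. The struct and function names, the fall-back-to-global policy, the clamp, and the sample page counts are all assumptions made for the example.

```c
#include <stdint.h>
#include <stdbool.h>
#include <stdio.h>

/*
 * Illustrative model only (NOT the kernel's wb_dirty_limits()): a per-device
 * dirty threshold is obtained by scaling the global threshold by a fraction
 * num/den describing that device's share of completed writeback. Before any
 * writeback has completed the fraction can be 0/0. On most architectures an
 * integer divide-by-zero in the kernel traps and the kernel oopses; on others
 * it silently yields 0. Either way the guard must run before the division.
 */

/* Outcome of a scaling attempt; thresh holds the fallback when ok is false. */
struct thresh_result {
    bool ok;
    uint64_t thresh;
};

/* Compute a * num / den, refusing to divide by zero or overflow 64 bits. */
static bool mul_div_u64(uint64_t a, uint64_t num, uint64_t den, uint64_t *out)
{
    if (den == 0)
        return false;               /* the divide-by-zero case */
    if (num == 0) {
        *out = 0;
        return true;
    }
    if (a > UINT64_MAX / num)
        return false;               /* a * num would wrap */
    *out = (a * num) / den;
    return true;
}

/*
 * Hardened scaling (assumed policy for this model): when the fraction is not
 * usable, fall back to the global threshold, and clamp so a device's limit
 * never exceeds the global one.
 */
struct thresh_result scale_thresh(uint64_t total_thresh, uint64_t num, uint64_t den)
{
    struct thresh_result r = { .ok = false, .thresh = total_thresh };
    uint64_t scaled;

    if (!mul_div_u64(total_thresh, num, den, &scaled))
        return r;
    if (scaled > total_thresh)
        scaled = total_thresh;
    r.ok = true;
    r.thresh = scaled;
    return r;
}

/* Unguarded variant, kept only to show the defect; den == 0 is undefined. */
uint64_t scale_thresh_unguarded(uint64_t total_thresh, uint64_t num, uint64_t den)
{
    return total_thresh * num / den;
}

int main(void)
{
    /* Constructed inputs: a 1 GiB global threshold expressed in 4 KiB pages. */
    uint64_t total = 262144;
    struct thresh_result r;

    r = scale_thresh(total, 1, 4);      /* device owns 1/4 of completed writeback */
    printf("1/4 share: ok=%d thresh=%llu pages\n", r.ok, (unsigned long long)r.thresh);

    r = scale_thresh(total, 0, 0);      /* fresh state: no writeback completed yet */
    printf("0/0 share: ok=%d thresh=%llu pages (fallback)\n", r.ok, (unsigned long long)r.thresh);

    r = scale_thresh(UINT64_MAX, 2, 1); /* product would wrap 64 bits */
    printf("overflow: ok=%d\n", r.ok);
    return 0;
}
```

The point of the model is ordering: the zero check and the overflow check happen before any division, and the caller gets an explicit `ok` flag rather than a silently wrong limit, which is what a reviewer should look for in any proportional-limit code of this shape.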

Defensive priority

Low

Recommended defensive actions

  • Verify SCALANCE/RUGGEDCOM device firmware versions against Siemens ProductCERT SSA-613116 guidance
  • Monitor Siemens ProductCERT and CISA ICS advisories for updated impact assessments
  • Apply standard ICS defense-in-depth practices per CISA recommended practices for industrial control systems

Evidence notes

Siemens ProductCERT SSA-613116 advisory, republished by CISA as ICSA-25-226-15. The threat assessment category 'impact' with details 'Misinformed' indicates Siemens determined this CVE does not affect the listed products as originally reported, or the impact assessment was corrected. The advisory underwent multiple revisions, with the most recent on 2026-02-25 removing rejected CVEs and updating affected product lists.
