PatchSiren cyber security CVE debrief
CVE-2024-26751 Siemens CVE debrief
This CVE addresses a missing terminator in the GPIO descriptor lookup table for the ARM ep93xx platform in the Linux kernel. The gpiod_lookup_table structure requires a null terminator entry to properly signal the end of the table; without it, kernel code iterating through the table may read past valid entries, leading to undefined behavior or potential memory access issues. The fix adds the required terminator entry to ensure proper bounds handling.
- Vendor: Siemens
- Product: RUGGEDCOM RST2428P (6GK6242-6PA00)
- CVSS: Unknown
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2025-08-12
- Original CVE updated: 2026-02-25
- Advisory published: 2025-08-12
- Advisory updated: 2026-02-25
Who should care
Organizations operating Siemens industrial networking equipment, particularly RUGGEDCOM RST2428P switches and SCALANCE X-family devices (XC-300/XR-300/XC-400/XR-500WG/XR-500, XCM-/XRM-/XCH-/XRH-300 families), should assess this kernel-level vulnerability. System administrators maintaining embedded Linux systems on ARM ep93xx hardware should also review applicable kernel updates.
Technical summary
The Linux kernel's GPIO descriptor lookup table for the ARM ep93xx platform lacked a proper null terminator entry. The gpiod_lookup_table structure uses a zero-filled sentinel entry to mark the end of the table; without this terminator, kernel subsystems iterating through GPIO mappings could over-read into adjacent memory. The resolution adds the required terminator to ensure correct bounds checking and prevent potential memory safety issues during GPIO lookup operations on affected ARM platforms.
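An added example, not code from the kernel or from the Siemens advisory: a user-space C model of a sentinel-terminated lookup table, showing why the walk depends on the zeroed final entry and how a bounded check flags a table that lacks one. The struct layout, table contents and function names are constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Simplified model of one lookup entry; field names are illustrative
 * assumptions, not the kernel's struct definition. */
struct lookup_entry {
    const char *key;     /* NULL key = end-of-table sentinel */
    unsigned int hwnum;  /* line number on the GPIO chip */
    const char *con_id;  /* function name the consumer asks for */
};
#define ARRAY_LEN(a) (sizeof(a) / sizeof((a)[0]))

/* Constructed sample tables (values are not from the affected platform). */
static const struct lookup_entry table_fixed[] = {
    { "chip-a", 1, "sda" },
    { "chip-a", 0, "scl" },
    { NULL, 0, NULL },               /* terminator, as the fix adds */
};
static const struct lookup_entry table_unterminated[] = {
    { "chip-a", 1, "sda" },
    { "chip-a", 0, "scl" },          /* no sentinel follows */
};

/* Count entries before the sentinel, never reading more than `slots`
 * elements. Returns -1 if the array ends without a sentinel, which is
 * the condition an unbounded `for (p = t; p->key; p++)` walk cannot see. */
static int entries_before_sentinel(const struct lookup_entry *t, size_t slots)
{
    for (size_t i = 0; i < slots; i++)
        if (t[i].key == NULL)
            return (int)i;
    return -1;
}

/* Bounded lookup by consumer name: hwnum on a match, -1 if the name is
 * absent, -2 if the table is malformed (no sentinel within `slots`). */
static int find_hwnum(const struct lookup_entry *t, size_t slots, const char *con_id)
{
    if (entries_before_sentinel(t, slots) < 0)
        return -2;                   /* refuse to walk an unterminated table */
    for (const struct lookup_entry *p = t; p->key; p++)
        if (strcmp(p->con_id, con_id) == 0)
            return (int)p->hwnum;
    return -1;
}

int main(void)
{
    printf("fixed: scl -> %d\n", find_hwnum(table_fixed, ARRAY_LEN(table_fixed), "scl"));
    printf("unterminated: scl -> %d\n", find_hwnum(table_unterminated, ARRAY_LEN(table_unterminated), "scl"));
    return 0;
}
```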
Defensive priority
medium
Recommended defensive actions
- Review kernel patch for ARM ep93xx gpiod_lookup_table terminator addition and assess applicability to deployed Siemens SCALANCE and RUGGEDCOM devices
- Verify current firmware version against Siemens ProductCERT advisory SSA-613116 for affected product families
- Apply vendor-provided firmware updates when available per Siemens security advisory guidance
- Monitor CISA ICS advisories for additional guidance on industrial control system protections
Evidence notes
The vulnerability description indicates a kernel-level fix for the ARM ep93xx platform's GPIO lookup table structure. The source advisory (ICSA-25-226-15) from CISA, republished based on Siemens ProductCERT SSA-613116, lists this CVE as affecting Siemens industrial networking products including RUGGEDCOM RST2428P and SCALANCE X-family switches. The advisory's threat assessment categorizes impact as 'Misinformed' for affected product IDs. The CVE was modified on 2026-02-25 as part of CISA's republication update. No CVSS score or severity is available in the source data.
Official resources
- CVE-2024-26751 CVE record (CVE.org)
- CVE-2024-26751 NVD detail (NVD)
- Source item URL (cisa_csaf)
2025-08-12