PatchSiren cyber security CVE debrief
CVE-2024-26910 Siemens CVE debrief
This CVE addresses a performance regression in the Linux kernel's netfilter ipset subsystem, specifically affecting the swap operation. The vulnerability was resolved in the Linux kernel and affects Siemens industrial networking products running SINEC OS, including the RUGGEDCOM RST2428P and SCALANCE X-family switches. The issue is classified as a performance regression rather than a traditional security vulnerability with direct exploitability. CISA and Siemens published coordinated advisories in August 2025, with subsequent updates through February 2026 to correct affected product listings and remove rejected CVEs. No CVSS score is available in the source data, and the vulnerability is not listed in CISA's Known Exploited Vulnerabilities (KEV) catalog.
- Vendor: Siemens
- Product: RUGGEDCOM RST2428P (6GK6242-6PA00)
- CVSS: Unknown
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2025-08-12
- Original CVE updated: 2026-02-25
- Advisory published: 2025-08-12
- Advisory updated: 2026-02-25
Who should care
Organizations operating Siemens RUGGEDCOM and SCALANCE industrial networking equipment with SINEC OS should monitor this advisory for completeness, though the reclassified impact suggests limited operational concern. Security teams maintaining Linux-based industrial systems should track kernel netfilter updates as part of routine maintenance.
Technical summary
The vulnerability exists in the Linux kernel's netfilter ipset subsystem, which provides a framework for managing the IP sets used in firewall rules. The specific issue is a performance regression during swap operations, where inefficient handling could degrade system performance. The fix was committed to the Linux kernel mainline. Siemens products incorporating this kernel component were initially flagged but subsequently reclassified with a 'Misinformed' impact, suggesting the vulnerability may not be practically exploitable or relevant in the vendor's specific implementation context.
Defensive priority
low
Recommended defensive actions
- Review Siemens ProductCERT SSA-613116 for current product impact assessment
- Verify SINEC OS version on affected Siemens industrial switches and routers
- Apply standard kernel maintenance updates through vendor channels if applicable
- Monitor CISA ICS advisories for any future reclassification
Evidence notes
The source advisory (ICSA-25-226-15) indicates this CVE was initially included in a Siemens ProductCERT advisory but later analysis determined the impact was 'Misinformed' per the threat category in the CSAF data. The February 2026 republication removed rejected CVEs and clarified product scope. The vulnerability description indicates a kernel-level fix for ipset swap performance, typical of Linux netfilter maintenance fixes.
Official resources
- CVE-2024-26910 CVE record (CVE.org)
- CVE-2024-26910 NVD detail (NVD)
- Source item URL (cisa_csaf)
- Source reference (Reference)
2025-08-12