CVE-2024-26988 Siemens CVE debrief

Who should care

Organizations operating Siemens industrial networking infrastructure including manufacturing facilities, critical infrastructure operators, and enterprises deploying SCALANCE switches or RUGGEDCOM devices in industrial control system environments.

Technical summary

The vulnerability exists in init/main.c where static_command_line memory handling could overflow. A local attacker with low privileges could exploit this to cause system instability or denial of service. The CVSS 3.1 score of 5.5 (MEDIUM) reflects the local attack vector and high availability impact with no confidentiality or integrity effects. Affected products include Siemens RUGGEDCOM RST2428P (6GK6242-6PA00), SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family, and SCALANCE XCM-/XRM-/XCH-/XRH-300 family running SINEC OS versions prior to 3.1.

Defensive priority

medium

Recommended defensive actions

• Apply vendor-provided update to SINEC OS V3.1 or later version for affected SCALANCE and RUGGEDCOM products
• Review Siemens ProductCERT advisory SSA-613116 for specific product update guidance
• Implement defense-in-depth strategies for industrial control systems per CISA recommended practices
• Monitor for anomalous local access attempts on affected industrial networking devices
• Validate boot command line configurations are from trusted sources

Evidence notes

Vulnerability description sourced from CISA CSAF advisory ICSA-25-226-15 and Siemens ProductCERT SSA-613116. CVSS 3.1 vector AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H indicates local attack vector with low attack complexity and low privileges required, resulting in high availability impact. Vendor fix available requiring update to SINEC OS V3.1 or later.

Official resources