PatchSiren cyber security CVE debrief
CVE-2024-26997 Siemens CVE debrief
A variable dereference issue in the DesignWare USB 2.0 (DWC2) host controller driver's Descriptor DMA (DDMA) completion flow was resolved in the Linux kernel. The vulnerability affected Siemens industrial networking products running SINEC OS, specifically the RUGGEDCOM RST2428P and SCALANCE X-family switches. Siemens has addressed this through updates to SINEC OS V3.1 or later. The CVSS vector indicates a network attack vector with high attack complexity, requiring no privileges but user interaction, with no impact to confidentiality, integrity, or availability, which suggests limited practical exploitability.
- Vendor: Siemens
- Product: RUGGEDCOM RST2428P (6GK6242-6PA00)
- CVSS: NONE
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2025-08-12
- Original CVE updated: 2026-02-25
- Advisory published: 2025-08-12
- Advisory updated: 2026-02-25
Who should care
Organizations operating Siemens RUGGEDCOM and SCALANCE industrial Ethernet switches, particularly those with USB host functionality exposed or in use. ICS/OT security teams maintaining SINEC OS-based infrastructure should verify patch status. Given that the CVSS scoring indicates no security impact, this should be prioritized below vulnerabilities with demonstrated exploitability or impact.
Technical summary
The vulnerability exists in the DesignWare USB 2.0 (DWC2) host controller driver within the Linux kernel, specifically in the Descriptor DMA (DDMA) completion handling code. A variable dereference issue in this flow could lead to undefined behavior. The fix corrects the dereference logic in the DDMA completion path. This driver is used in embedded Linux systems including Siemens industrial networking equipment running SINEC OS. The affected products include RUGGEDCOM RST2428P (6GK6242-6PA00) and SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family switches. The CVSS 3.1 vector indicates network accessibility with high attack complexity, requiring user interaction but no privileges, with no rated impact to confidentiality, integrity, or availability.
Defensive priority
low
Recommended defensive actions
- Update affected Siemens SINEC OS devices to version 3.1 or later per vendor guidance
- Review network segmentation for industrial control systems to limit exposure of USB host interfaces
- Apply defense-in-depth practices for ICS environments per CISA guidance
- Monitor for subsequent vendor advisories regarding additional affected products or patches
Evidence notes
The vulnerability description indicates a fix for a variable dereference issue in the DWC2 host controller's DDMA completion flow. Siemens ProductCERT advisory SSA-613116 (republished by CISA as ICSA-25-226-15) identifies affected products and remediation. The CVSS 3.1 vector (AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:N) yields a base score of 0.0, indicating no security impact under standard scoring. The advisory was initially published 2025-08-12 and most recently updated 2026-02-25 to reflect CISA republication based on Siemens advisory updates.
Official resources
- CVE-2024-26997 CVE record (CVE.org)
- CVE-2024-26997 NVD detail (NVD)
- Source item URL: cisa_csaf
2025-08-12