PatchSiren

PatchSiren cyber security CVE debrief

CVE-2024-35902 Siemens CVE debrief

CVE-2024-35902 is a medium-severity vulnerability (CVSS 5.5) in the Linux kernel's Reliable Datagram Sockets (RDS) subsystem, specifically affecting the `__rds_rdma_map` function where a null pointer dereference can occur. The parameter `cp` may be null, and calling `cp->cp_conn` without validation leads to a potential denial-of-service condition. This vulnerability was published on April 9, 2024, and affects Siemens SIMATIC S7-1500 TM MFP industrial control systems through their GNU/Linux subsystem. CISA and Siemens have issued coordinated advisories tracking this issue. No patch is currently available from the vendor.

Vendor: Siemens
Product: SIMATIC S7-1500 TM MFP - GNU/Linux subsystem
CVSS: MEDIUM 5.5
CISA KEV: Not listed in stored evidence
Original CVE published: 2024-04-09
Original CVE updated: 2026-05-14
Advisory published: 2024-04-09
Advisory updated: 2026-05-14

Who should care

Industrial control system operators, OT security teams, Siemens SIMATIC S7-1500 TM MFP administrators, critical infrastructure security personnel, and organizations running Linux-based embedded systems in operational technology environments.

Technical summary

The vulnerability exists in `net/rds` where the `cp` parameter in `__rds_rdma_map` may be null. When `cp->cp_conn` is dereferenced without null checking, a kernel panic or denial-of-service condition can occur. This is a local vulnerability requiring low privileges to exploit, with high availability impact but no confidentiality or integrity impact.

Defensive priority

medium

Recommended defensive actions

  • Restrict interactive shell access to the GNU/Linux subsystem on affected Siemens SIMATIC S7-1500 TM MFP devices to trusted personnel only
  • Only build and run applications from trusted sources on affected systems
  • Monitor for vendor security updates from Siemens for patch availability
  • Apply defense-in-depth strategies for industrial control systems per CISA guidance
  • Review network segmentation to limit exposure of affected industrial control devices

Evidence notes

The vulnerability description is sourced directly from CISA CSAF data and Siemens security advisories. The CVSS vector AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H indicates a local attack vector with low attack complexity, requiring low privileges, resulting in high availability impact with no confidentiality or integrity impact.

Official resources

This vulnerability was disclosed through coordinated disclosure between the Linux kernel security team, CISA, and Siemens. The issue was published in CISA advisory ICSA-24-102-01 on April 9, 2024, with subsequent updates through September 9