PatchSiren cyber security CVE debrief
CVE-2024-35915 Siemens CVE debrief
CVE-2024-35915 is a medium-severity vulnerability (CVSS 5.5) affecting the NFC (Near Field Communication) NCI (NFC Controller Interface) subsystem in the Linux kernel. The vulnerability involves use of uninitialized values in the `nci_dev_up` and `nci_ntf_packet` functions, which could lead to denial of service conditions. Siemens has identified this vulnerability as affecting the GNU/Linux subsystem of the SIMATIC S7-1500 TM MFP industrial control device. The vulnerability was published on April 9, 2024, and the advisory has been updated multiple times through September 2025 to include additional related CVEs. No patch is currently available from Siemens; mitigation relies on access controls and trusted application practices.
- Vendor: Siemens
- Product: SIMATIC S7-1500 TM MFP - GNU/Linux subsystem
- CVSS: MEDIUM 5.5
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2024-04-09
- Original CVE updated: 2026-05-14
- Advisory published: 2024-04-09
- Advisory updated: 2026-05-14
Who should care
Organizations operating Siemens SIMATIC S7-1500 TM MFP devices with the GNU/Linux subsystem enabled; industrial control system operators relying on NFC functionality; security teams managing OT/ICS environments with embedded Linux systems.
Technical summary
The vulnerability exists in the NFC Controller Interface (NCI) implementation within the Linux kernel's NFC subsystem. The `nci_dev_up` and `nci_ntf_packet` functions use uninitialized values, which can trigger undefined behavior and potentially cause system crashes or denial of service. The attack requires local access with low privileges and has low attack complexity. The vulnerability does not impact confidentiality or integrity, but has high availability impact.
Defensive priority
medium
Recommended defensive actions
- Restrict interactive shell access to the GNU/Linux subsystem to trusted personnel only
- Build and run applications only from trusted sources
- Monitor for future security updates from Siemens for patch availability
- Apply defense-in-depth strategies for industrial control systems per CISA guidance
Evidence notes
Vulnerability description and affected product information sourced from CISA CSAF advisory ICSA-24-102-01. CVSS vector AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H indicates local attack vector with low attack complexity, requiring low privileges, resulting in high availability impact. Remediation status confirmed as 'none_available' in source advisory.
Official resources
- CVE-2024-35915 CVE record (CVE.org)
- CVE-2024-35915 NVD detail (NVD)
- Source item URL (cisa_csaf)
- Source reference (Reference)