PatchSiren cyber security CVE debrief
CVE-2024-35990 Siemens CVE debrief
A locking issue in the Xilinx DPDMA driver for the Linux kernel could allow a local attacker to cause a denial-of-service condition. The vulnerability exists in the DMA subsystem's Xilinx DPDMA implementation, where improper locking may lead to race conditions or resource contention. A successful exploit requires local access with low privileges and no user interaction, and results in high availability impact. The CVSS 3.1 vector indicates a local attack vector with low attack complexity.
- Vendor: Siemens
- Product: RUGGEDCOM RST2428P (6GK6242-6PA00)
- CVSS: MEDIUM 5.5
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2024-04-09
- Original CVE updated: 2026-05-14
- Advisory published: 2024-04-09
- Advisory updated: 2026-05-14
Who should care
Organizations operating Siemens SCALANCE and RUGGEDCOM industrial networking infrastructure, particularly those in critical infrastructure sectors with SINEC OS deployments. OT security teams responsible for patch management of industrial Ethernet switches and routers should prioritize this update.
Technical summary
The vulnerability resides in the Xilinx DPDMA (DisplayPort DMA) driver within the Linux kernel DMA subsystem. The issue involves improper locking that could be exploited by a local attacker with low privileges to trigger a denial-of-service condition. The attack requires no user interaction and has low attack complexity. The vulnerability affects Siemens industrial networking products, including the SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family, the SCALANCE XCM-/XRM-/XCH-/XRH-300 family, and the RUGGEDCOM RST2428P, when running SINEC OS versions prior to 3.1. The CVSS 3.1 score of 5.5 reflects medium severity with high availability impact but no confidentiality or integrity impact.
Defensive priority
medium
Recommended defensive actions
- Apply vendor-provided firmware updates to V3.1 or later for affected Siemens SCALANCE and RUGGEDCOM devices per Siemens ProductCERT advisory
- Review and implement CISA ICS recommended practices for industrial control systems defense in depth
- Monitor Siemens ProductCERT security advisories for additional updates to SSA-613116
- For environments where immediate patching is not feasible, apply network segmentation and access controls to limit local access to affected devices
Evidence notes
CISA ICS advisory ICSA-25-226-15 published 2025-08-12 identifies this vulnerability in Siemens industrial networking products running SINEC OS. The advisory was subsequently modified on 2026-02-25 to reflect updates based on Siemens ProductCERT SSA-613116. The vulnerability description indicates a fix for locking in the Xilinx DPDMA (DisplayPort DMA) driver. Siemens has issued a vendor fix recommending update to V3.1 or later.
Official resources
- CVE-2024-35990 CVE record (CVE.org)
- CVE-2024-35990 NVD detail (NVD)
- Source item URL (cisa_csaf)
- Source reference (Reference)
2025-08-12