PatchSiren cyber security CVE debrief
CVE-2024-37078 Siemens CVE debrief
CVE-2024-37078 is a kernel vulnerability in the nilfs2 filesystem affecting Siemens industrial networking products. The issue stems from a race condition where the log writer initiates writeback for segment summary blocks or super root blocks using the backing device's page cache without waiting for ongoing folio/page writeback operations to complete. This results in an inconsistent writeback state that could lead to data corruption or system instability. The vulnerability was published on 2025-08-12 and last modified on 2026-02-25. Siemens has assessed the impact as 'Misinformed' for affected products including the RUGGEDCOM RST2428P and SCALANCE X-family switches running SINEC OS. No CVSS score or severity rating has been assigned in the available sources. The vulnerability is not listed in CISA's Known Exploited Vulnerabilities (KEV) catalog.
- Vendor: Siemens
- Product: RUGGEDCOM RST2428P (6GK6242-6PA00)
- CVSS: Unknown
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2025-08-12
- Original CVE updated: 2026-02-25
- Advisory published: 2025-08-12
- Advisory updated: 2026-02-25
Who should care
Organizations operating Siemens RUGGEDCOM RST2428P switches, SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family, or SCALANCE XCM-/XRM-/XCH-/XRH-300 family devices in industrial control system environments should assess their exposure to this kernel-level filesystem vulnerability.
Technical summary
The nilfs2 filesystem log writer fails to wait for ongoing folio/page writeback operations when initiating writeback for segment summary blocks or super root blocks. This race condition creates an inconsistent writeback state in the backing device's page cache. The vulnerability affects Siemens industrial networking products utilizing SINEC OS with the vulnerable nilfs2 implementation.
Defensive priority
medium
Recommended defensive actions
- Review Siemens ProductCERT advisory SSA-355557 for detailed product-specific guidance
- Verify SINEC OS and nilfs2 kernel patch levels on affected Siemens industrial networking equipment
- Apply vendor-provided firmware updates when available for RUGGEDCOM RST2428P and SCALANCE X-family devices
- Monitor CISA ICS advisories for updates to ICSA-25-226-07
- Implement defense-in-depth strategies for industrial control systems per CISA recommended practices
Evidence notes
The vulnerability description is sourced from CISA ICS Advisory ICSA-25-226-07, which references Siemens ProductCERT advisory SSA-355557. The threat assessment of 'Misinformed' impact is explicitly stated in the CSAF source data. The CVE was republished by CISA on 2026-02-25 based on updated Siemens advisory information.
Official resources
- CVE-2024-37078 CVE record (CVE.org)
- CVE-2024-37078 NVD detail (NVD)
- Source item URL (cisa_csaf)
- Source reference (Reference)
2025-08-12