PatchSiren cyber security CVE debrief
CVE-2024-37356 Siemens CVE debrief
A shift-out-of-bounds vulnerability in the Linux kernel's DCTCP (Data Center TCP) congestion control algorithm could allow a local attacker to cause denial of service or potentially achieve code execution. The flaw exists in the dctcp_update_alpha() function where improper bounds checking on shift operations could lead to undefined behavior. Siemens has confirmed this vulnerability affects multiple industrial networking product families including RUGGEDCOM RST2428P and SCALANCE X-series switches running SINEC OS. The vulnerability was resolved in the upstream Linux kernel and Siemens has released updates to address the issue in affected products.
- Vendor: Siemens
- Product: RUGGEDCOM RST2428P (6GK6242-6PA00)
- CVSS: MEDIUM 6.6
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2024-04-09
- Original CVE updated: 2026-05-14
- Advisory published: 2024-04-09
- Advisory updated: 2026-05-14
Who should care
Organizations operating Siemens industrial Ethernet switches and routers, particularly in critical infrastructure and manufacturing environments. Security teams responsible for OT/ICS network security, network administrators managing SCALANCE and RUGGEDCOM product deployments, and compliance officers tracking CVE remediation for industrial control systems should prioritize this update given the high availability impact potential.
Technical summary
The vulnerability resides in the dctcp_update_alpha() function within the Linux kernel's TCP DCTCP (Data Center TCP) congestion control implementation. A shift-out-of-bounds condition occurs because values used as bit-shift counts are not sufficiently validated, which is undefined behavior in C. The CVSS v3.1 vector (AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H) indicates that exploitation requires local access with low privileges and no user interaction, but can have a high availability impact. Siemens industrial networking products running SINEC OS incorporate the affected Linux kernel components. The vendor has released updates to SINEC OS V3.1 to remediate this vulnerability across affected product lines including the SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family, the SCALANCE XCM-/XRM-/XCH-/XRH-300 family, and RUGGEDCOM RST2428P switches.
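To make the class of bug concrete, here is an added C illustration of a DCTCP-style alpha estimator (RFC 8257's alpha = (1 - g) * alpha + g * F, computed with shifts) driven by a tunable shift count. It is not the kernel's dctcp_update_alpha() and not Siemens' code; the function names, the 0..10 bound on the shift count and the sample byte counts are assumptions made for the illustration. It shows the unchecked form beside a version that validates the shift count before any shift expression is evaluated, which is the defensive property the fix restores.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Simplified model of a DCTCP-style alpha estimator:
 *   alpha = (1 - g) * alpha + g * F
 * with g = 2^-shift_g and F the fraction of ECN-marked bytes, both carried
 * in ALPHA_BITS fractional bits so the update uses shifts instead of floats.
 * Added illustration only; the real kernel code differs in detail. */

#define ALPHA_BITS  10U
#define ALPHA_MAX   (1U << ALPHA_BITS)   /* alpha == ALPHA_MAX means "100% marked" */
#define SHIFT_G_MAX ALPHA_BITS           /* assumed bound: g may not be finer than 2^-10 */

/* Vulnerable pattern: the shift count comes from a tunable and is never
 * range-checked. For shift_g > ALPHA_BITS the count (ALPHA_BITS - shift_g)
 * goes negative; shifting by a negative count, or by one at least as large as
 * the type width, is undefined behaviour in C. UBSAN reports exactly this as
 * "shift-out-of-bounds". */
uint32_t alpha_update_unchecked(uint32_t alpha, uint32_t delivered,
                                uint32_t delivered_ce, int shift_g)
{
    uint64_t f = ((uint64_t)delivered_ce << ((int)ALPHA_BITS - shift_g))
                 / (delivered ? delivered : 1);
    return alpha - (alpha >> shift_g) + (uint32_t)f;
}

/* The check a defender wants in front of any externally controlled shift count. */
bool shift_g_valid(int shift_g)
{
    return shift_g >= 0 && shift_g <= (int)SHIFT_G_MAX;
}

/* Hardened version: refuse out-of-range inputs before any shift is evaluated,
 * leaving alpha unchanged and reporting the rejection through *ok. */
uint32_t alpha_update_checked(uint32_t alpha, uint32_t delivered,
                              uint32_t delivered_ce, int shift_g, bool *ok)
{
    if (!shift_g_valid(shift_g) || alpha > ALPHA_MAX || delivered_ce > delivered) {
        *ok = false;
        return alpha;
    }
    *ok = true;
    uint64_t f = ((uint64_t)delivered_ce << ((int)ALPHA_BITS - shift_g))
                 / (delivered ? delivered : 1);
    return alpha - (alpha >> shift_g) + (uint32_t)f;
}

/* Convenience wrapper: -1 when the update was refused, otherwise the new alpha. */
long try_alpha_update(uint32_t alpha, uint32_t delivered,
                      uint32_t delivered_ce, int shift_g)
{
    bool ok;
    uint32_t next = alpha_update_checked(alpha, delivered, delivered_ce, shift_g, &ok);
    return ok ? (long)next : -1;
}

/* Setter for the tunable itself: the best place to enforce the bound, so the
 * fast path never sees a bad value. Returns 0 on success, -1 if rejected. */
int set_shift_g(int requested, int *stored)
{
    if (!shift_g_valid(requested))
        return -1;
    *stored = requested;
    return 0;
}

int main(void)
{
    int g = 4;
    /* Constructed sample: 100 bytes delivered in the window, 50 of them ECN-marked. */
    long next = try_alpha_update(ALPHA_MAX, 100, 50, g);
    printf("shift_g=%d alpha=%u -> %ld\n", g, (unsigned)ALPHA_MAX, next);
    if (set_shift_g(11, &g) != 0)
        printf("rejected shift_g=11: it would produce a negative shift count\n");
    return 0;
}
```

With the sample input and shift_g = 4 the estimator moves alpha from 1024 to 992; with shift_g = 11 the checked path refuses the update instead of evaluating a shift by -1. The same reasoning applies to any tunable that feeds a shift count: validate it where it is set, and again where it is used if the two are far apart.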
Defensive priority
HIGH
Recommended defensive actions
- Apply vendor-provided updates to SINEC OS V3.1 or later for affected SCALANCE and RUGGEDCOM products per Siemens ProductCERT guidance
- For products where immediate patching is not feasible, implement network segmentation to limit local access to affected industrial switches
- Monitor for anomalous local access attempts to affected devices, since exploitation requires local privileges
- Review and apply CISA ICS recommended practices for defense-in-depth strategies in industrial control environments
- Validate that DCTCP congestion control is not enabled on untrusted network paths where local attackers may have access
Evidence notes
CVE published 2025-08-12 per official CVE record. CISA ICS advisory ICSA-25-226-15 published same date. Siemens ProductCERT advisory SSA-613116 provides vendor fix details. CVSS 6.6 (MEDIUM) with vector AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H indicates local attack vector with low privileges required, but high availability impact.
Official resources
- CVE-2024-37356 CVE record (CVE.org)
- CVE-2024-37356 NVD detail (NVD)
- Source item URL (cisa_csaf)
2025-08-12