PatchSiren cyber security CVE debrief

CVE-2024-41055 Siemens CVE debrief

CVE-2024-41055 is publicly documented in Siemens/CISA advisory material as a Linux kernel NULL pointer dereference condition tied to pfn_section_valid(). The supplied advisory states that a prior READ_ONCE() change did not prevent dereferencing a cleared ms->usage pointer, and that no fix was available at publication time.

Vendor: Siemens
Product: SIMATIC S7-1500 TM MFP - BIOS
CVSS: MEDIUM 5.5
CISA KEV: Not listed in stored evidence
Original CVE published: 2025-03-11
Original CVE updated: 2025-09-09
Advisory published: 2025-03-11
Advisory updated: 2025-09-09

Who should care

Siemens SIMATIC S7-1500 TM MFP - BIOS operators, OT/ICS security teams, and Linux platform maintainers responsible for embedded systems that incorporate the affected kernel code.

Technical summary

The advisory describes a NULL pointer dereference in the kernel's memory-management (mm) code, in pfn_section_valid(). An earlier fix for a race in accessing memory_section->usage wrapped the read of ms->usage in READ_ONCE(), but READ_ONCE() only guarantees a single, non-torn load; it does not stop that load from observing NULL, which is exactly what happens when section_deactivate() clears ms->usage concurrently. The loaded pointer therefore has to be tested for NULL before its subsection_map is dereferenced. The supplied CVSS vector is CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H, indicating local, low-privilege access with high availability impact and no confidentiality or integrity impact.
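The following user-space model is an added illustration of the pattern described above; it is not kernel code and is not taken from the Siemens or CISA advisories. It places the pre-fix shape of pfn_section_valid() (READ_ONCE() applied, result dereferenced unconditionally) beside the checked shape (load once, test for NULL, only then read subsection_map), and drives both through a simplified activate/deactivate sequence. The section geometry constants, the READ_ONCE() and test_bit() models, and the section_activate()/section_deactivate() helpers are assumptions chosen to mirror a 64-bit SPARSEMEM layout, not the kernel's own definitions.

```c
/*
 * Added illustration (not kernel code, not from the Siemens or CISA advisory):
 * a user-space model of the pfn_section_valid() / section_deactivate() interaction.
 * Geometry constants and helper names are assumptions chosen to resemble the
 * kernel's SPARSEMEM layout on a 64-bit build; they are not the kernel's own.
 */
#include <stdio.h>
#include <stdlib.h>

#define PFN_SECTION_SHIFT    15  /* assumption: 128 MiB section / 4 KiB page */
#define SUBSECTION_SHIFT      9  /* assumption: 2 MiB subsection / 4 KiB page */
#define PAGES_PER_SECTION     (1UL << PFN_SECTION_SHIFT)
#define PAGES_PER_SUBSECTION  (1UL << SUBSECTION_SHIFT)
#define SUBSECTIONS_PER_SECTION (1UL << (PFN_SECTION_SHIFT - SUBSECTION_SHIFT)) /* 64 */
#define BITS_PER_LONG         (8 * sizeof(unsigned long))
#define BITS_TO_LONGS(n)      (((n) + BITS_PER_LONG - 1) / BITS_PER_LONG)

/* Model of READ_ONCE(): exactly one volatile load, so the compiler cannot split
 * or repeat it. It does not, and cannot, stop that one load from returning NULL. */
#define READ_ONCE(x) (*(volatile __typeof__(x) *)&(x))

struct mem_section_usage {
    unsigned long subsection_map[BITS_TO_LONGS(SUBSECTIONS_PER_SECTION)];
};

struct mem_section {
    struct mem_section_usage *usage;  /* set to NULL by section_deactivate() */
};

static int test_bit(int nr, const unsigned long *addr)
{
    return (addr[nr / BITS_PER_LONG] >> (nr % BITS_PER_LONG)) & 1UL;
}

/* Index of the subsection that holds pfn within its section. */
static int subsection_map_index(unsigned long pfn)
{
    return (int)((pfn & (PAGES_PER_SECTION - 1)) / PAGES_PER_SUBSECTION);
}

/* Pre-fix shape: READ_ONCE() is applied, then the pointer is dereferenced
 * unconditionally. If ms->usage has already been cleared this faults. */
static int pfn_section_valid_unchecked(struct mem_section *ms, unsigned long pfn)
{
    int idx = subsection_map_index(pfn);
    return test_bit(idx, READ_ONCE(ms->usage)->subsection_map);
}

/* Checked shape, as the CVE record describes it: load once, test for NULL,
 * and treat a deactivated section as "pfn not valid" instead of crashing. */
static int pfn_section_valid(struct mem_section *ms, unsigned long pfn)
{
    int idx = subsection_map_index(pfn);
    struct mem_section_usage *usage = READ_ONCE(ms->usage);

    return usage ? test_bit(idx, usage->subsection_map) : 0;
}

/* Hotplug-style helpers for the demo (assumed, simplified): bring a section
 * online with the given subsection bitmap, or take it offline by clearing
 * ms->usage before the backing allocation is released. */
static int section_activate(struct mem_section *ms, unsigned long online_subsections)
{
    struct mem_section_usage *usage = calloc(1, sizeof(*usage));
    if (!usage)
        return -1;
    usage->subsection_map[0] = online_subsections;
    ms->usage = usage;
    return 0;
}

static void section_deactivate(struct mem_section *ms)
{
    struct mem_section_usage *usage = ms->usage;
    ms->usage = NULL;  /* a concurrent pfn_section_valid() can now load NULL */
    free(usage);
}

int main(void)
{
    struct mem_section ms = { .usage = NULL };

    /* Constructed sample: subsections 0 and 5 of this section are present. */
    if (section_activate(&ms, (1UL << 0) | (1UL << 5)) != 0)
        return 1;
    printf("pfn 16 (subsection 0): unchecked=%d checked=%d\n",
           pfn_section_valid_unchecked(&ms, 16), pfn_section_valid(&ms, 16));
    printf("pfn %lu (subsection 3): checked=%d\n",
           3 * PAGES_PER_SUBSECTION, pfn_section_valid(&ms, 3 * PAGES_PER_SUBSECTION));

    section_deactivate(&ms);
    /* Only the checked variant may be called now; the unchecked one would
     * dereference NULL at this point, which is the crash the advisory describes. */
    printf("pfn 16 after deactivate: checked=%d\n", pfn_section_valid(&ms, 16));
    return 0;
}
```

The point the model makes is that the fix is a value check, not a memory-ordering change: both variants load ms->usage exactly once, and they agree as long as the section is online; only the checked variant survives a load that returns NULL. A kernel tree that carries the READ_ONCE() change but not the NULL test still has the fault path.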

Defensive priority

Medium. The impact is availability-only (a kernel NULL pointer dereference, so a crash of the affected host rather than data exposure), the vector is local, and the supplied advisory lists no fix. OT/ICS environments should still treat it seriously: the affected component is a Siemens SIMATIC module for which only workaround guidance is provided, and the CVSS vector indicates that local, low-privileged access is sufficient. Note that 'no fix available' is the status for the Siemens product; the CVE record describes the upstream kernel change as resolved by testing the loaded ms->usage value before dereferencing it, so platform maintainers who build their own kernels should verify that their tree carries that check rather than only the earlier READ_ONCE() change.

Recommended defensive actions

  • Review Siemens advisory SSA-503939 and CISA ICSA-25-072-03 for the current status of the issue and any later remediation updates.
  • Apply the supplied workaround guidance: only build and run applications from trusted sources on affected systems.
  • Check your asset inventory for Siemens SIMATIC S7-1500 TM MFP - BIOS modules so that affected devices can be identified and tracked until remediation is available.
  • Use standard ICS defense-in-depth practices from CISA guidance, including segmentation, monitoring, and least-privilege access for affected hosts.
  • Monitor Siemens release and advisory channels for a fix, since the supplied notice states that no fix was available at publication time.

Evidence notes

The corpus identifies the issue as published on 2025-03-11 and revised on 2025-09-09 through CISA CSAF ICSA-25-072-03. The advisory text says the READ_ONCE() change alone is insufficient because ms->usage may be cleared, and the remediation section lists 'Currently no fix is available' plus the workaround 'Only build and run applications from trusted sources.' The supplied metadata also shows no KEV listing.

Official resources

Publicly disclosed in Siemens advisory SSA-503939 and CISA advisory ICSA-25-072-03 on 2025-03-11, with a later source revision on 2025-09-09. The supplied timeline does not list a KEV designation.