CVE-2024-42244 Siemens CVE debrief

Who should care

Organizations running Linux-based industrial control systems, particularly those using Siemens RUGGEDCOM RST2428P, SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family, or SCALANCE XCM-/XRM-/XCH-/XRH-300 family devices. System administrators responsible for kernel maintenance on systems with USB serial devices should also prioritize this fix.

Technical summary

The mos7840 USB serial driver in the Linux kernel contains a flaw where the second port read URB's context pointer is not properly set to the mos7840 port structure during resume operations. When the USB serial core's generic resume implementation is invoked, both read URBs are submitted, but the incorrect context pointer causes a crash. This vulnerability affects systems using the mos7840 driver with multiple read URB support, including certain Siemens industrial networking products. The CVSS 3.1 score is 5.5 (MEDIUM).

Defensive priority

medium

Recommended defensive actions

• Review CISA advisory ICSA-25-226-07 and Siemens ProductCERT SSA-355557 for updated affected product information and patch availability
• Apply kernel updates from your Linux distribution that include the fix for CVE-2024-42244
• For Siemens industrial products, consult Siemens ProductCERT for specific firmware updates addressing this vulnerability
• Implement defense-in-depth strategies for industrial control systems per CISA recommended practices
• Monitor systems for unexpected crashes or instability during USB device resume operations
• Restrict physical access to USB ports on affected industrial systems where feasible

Evidence notes

The vulnerability description is drawn from the CVE record and CISA CSAF source. The affected product information and 'Misinformed' threat classification come from CISA advisory ICSA-25-226-07, which was republished on February 25, 2026 based on Siemens ProductCERT advisory SSA-355557. The CVSS score of 5.5 (MEDIUM) is taken from the official CVE record.

Official resources