PatchSiren cyber security CVE debrief
CVE-2024-46675 Siemens CVE debrief
A vulnerability in the USB DWC3 core driver could allow invalid event buffer address access during runtime suspend, potentially causing SMMU faults and memory issues on Exynos platforms. This affects Siemens industrial networking products running SINEC OS, specifically the RUGGEDCOM RST2428P and SCALANCE X-300/X-400/X-500 families. The vulnerability requires local access with low privileges and no user interaction, resulting in high availability impact. Siemens has released firmware updates to address this issue.
- Vendor
- Siemens
- Product
- RUGGEDCOM RST2428P (6GK6242-6PA00)
- CVSS
- MEDIUM 5.5
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2025-08-12
- Original CVE updated
- 2026-02-25
- Advisory published
- 2025-08-12
- Advisory updated
- 2026-02-25
Who should care
Organizations operating Siemens RUGGEDCOM RST2428P switches or SCALANCE X-300/X-400/X-500 series industrial Ethernet switches in critical infrastructure, manufacturing, or utility environments. Security teams responsible for OT/ICS asset management and patch deployment should prioritize this update during scheduled maintenance windows.
Technical summary
The vulnerability exists in the USB DWC3 (DesignWare USB3) core driver where an invalid event buffer address may be accessed during runtime suspend operations. This can trigger SMMU (System Memory Management Unit) faults and other memory corruption issues, particularly on Exynos-based platforms. The flaw stems from improper input validation (CWE-20) when handling USB core event buffers during power state transitions. In affected Siemens products running SINEC OS, this could lead to denial of service conditions through system instability or crashes. The attack requires local access with authenticated low-privilege credentials but no user interaction, making it exploitable by insiders or attackers with limited system access.
Defensive priority
medium
Recommended defensive actions
- Apply vendor firmware updates: Update RUGGEDCOM RST2428P and SCALANCE XCM-/XRM-/XCH-/XRH-300 family to V3.2 or later per Siemens guidance
- For SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family, consult Siemens ProductCERT SSA-355557 for specific configuration guidance and available updates
- Implement defense-in-depth strategies for industrial control systems per CISA recommended practices
- Restrict physical and logical access to affected devices to authorized personnel only
- Monitor for anomalous USB-related system events or SMMU fault indicators in device logs
Evidence notes
CVE published 2025-08-12 per CISA CSAF advisory ICSA-25-226-07, which was republished 2026-02-25 based on Siemens ProductCERT SSA-355557. CVSS 3.1 vector AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H indicates local attack vector with low attack complexity and privileges required, resulting in high availability impact. Affected products confirmed through CSAF product tree: RUGGEDCOM RST2428P (6GK6242-6PA00), SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family, and SCALANCE XCM-/XRM-/XCH-/XRH-300 family.
Official resources
-
CVE-2024-46675 CVE record
CVE.org
-
CVE-2024-46675 NVD detail
NVD
-
Source item URL
cisa_csaf
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
2025-08-12