PatchSiren cyber security CVE debrief
CVE-2024-46713 Siemens CVE debrief
CVE-2024-46713 is a medium-severity vulnerability (CVSS 5.5) affecting the Linux kernel's perf subsystem, specifically in AUX buffer serialization. The vulnerability was published on August 12, 2025, and most recently modified on February 25, 2026. Siemens has identified this CVE as affecting multiple industrial networking products running SINEC OS, including the RUGGEDCOM RST2428P and SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family devices. The vulnerability stems from a third-party Linux kernel component used in these products. CISA republished this advisory on February 25, 2026, based on updates from Siemens ProductCERT advisory SSA-355557, which included corrections to the affected products list and clarification of affected configurations. The vulnerability requires local access with low privileges to exploit, with no user interaction needed, and can result in high availability impact.
- Vendor: Siemens
- Product: RUGGEDCOM RST2428P (6GK6242-6PA00)
- CVSS: MEDIUM 5.5
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2025-08-12
- Original CVE updated: 2026-02-25
- Advisory published: 2025-08-12
- Advisory updated: 2026-02-25
Who should care
Organizations operating Siemens RUGGEDCOM RST2428P, SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family, or SCALANCE XCM-/XRM-/XCH-/XRH-300 family industrial networking equipment should prioritize patching. System administrators responsible for industrial control system (ICS) networks, OT security teams, and infrastructure operators in critical manufacturing, energy, and transportation sectors using these Siemens products should assess their exposure and apply recommended updates.
Technical summary
CVE-2024-46713 is a vulnerability in the Linux kernel's perf subsystem related to AUX (auxiliary) buffer serialization. The AUX buffer is used by the Performance Monitoring Unit (PMU) to store data such as Intel PT (Processor Trace) traces. A serialization issue in this component can lead to availability impacts. The vulnerability has been identified in Siemens industrial networking products that incorporate affected Linux kernel versions, specifically the RUGGEDCOM RST2428P and SCALANCE product families running SINEC OS. The vulnerability requires local access with low privileges to exploit.
Defensive priority
medium
Recommended defensive actions
- Apply vendor-provided firmware updates to V3.2 or later for affected Siemens RUGGEDCOM and SCALANCE products as specified in Siemens advisory SSA-355557
- For SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family, consult Siemens advisory for specific configuration guidance
- Implement network segmentation for industrial control systems to limit local access to affected devices
- Follow CISA ICS recommended practices for defense-in-depth strategies
- Monitor Siemens ProductCERT advisories for additional updates to affected product configurations
Evidence notes
The vulnerability description 'perf/aux: AUX buffer serialization' indicates an issue in the Linux kernel's Performance Monitoring Unit (PMU) auxiliary buffer handling. The CVSS vector (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C) confirms local attack vector with low attack complexity and low privileges required, resulting in high availability impact. Siemens remediation guidance specifies updates to V3.2 or later for affected products.
Official resources
- CVE-2024-46713 CVE record (CVE.org)
- CVE-2024-46713 NVD detail (NVD)
- Source item URL (cisa_csaf)
This CVE was disclosed through coordinated vulnerability disclosure via CISA and Siemens ProductCERT. The advisory was initially published by CISA on August 12, 2025, as ICSA-25-226-07, with subsequent updates in February 2026 to correct affected