PatchSiren cyber security CVE debrief
CVE-2024-46722 Siemens CVE debrief
CVE-2024-46722 describes an out-of-bounds read vulnerability in the Linux kernel's drm/amdgpu driver, specifically when accessing mc_data[i-1]. The vulnerability was published on 2025-08-12 and last modified on 2026-02-25. Siemens ProductCERT issued advisory SSA-355557 covering this CVE, which CISA subsequently republished as ICSA-25-226-07. The advisory affects Siemens industrial networking products running SINEC OS, including the RUGGEDCOM RST2428P and SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family devices. The underlying issue stems from a third-party Linux kernel component (amdgpu DRM driver) that may be present in affected Siemens products. The vulnerability is classified with impact 'Misinformed' per the CSAF threat categorization. No CVSS score is currently assigned in the available sources. The advisory has undergone multiple revisions, with the most recent update on 2026-02-25 clarifying affected product configurations and removing rejected CVEs from the advisory scope.
- Vendor: Siemens
- Product: RUGGEDCOM RST2428P (6GK6242-6PA00)
- CVSS: Unknown
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2025-08-12
- Original CVE updated: 2026-02-25
- Advisory published: 2025-08-12
- Advisory updated: 2026-02-25
Who should care
Organizations operating Siemens industrial networking infrastructure, particularly RUGGEDCOM and SINEC OS-based devices. OT security teams managing SCALANCE and RUGGEDCOM product families should assess patch availability and exposure. Linux kernel maintainers and distributors should verify fix backporting status for affected kernel versions.
Technical summary
This CVE identifies an out-of-bounds read condition in the Linux kernel's Direct Rendering Manager (DRM) AMDGPU driver. The vulnerability occurs when the code accesses mc_data[i-1] without proper bounds validation, potentially leading to information disclosure or undefined behavior. The issue affects Siemens industrial networking products that incorporate the vulnerable Linux kernel component through SINEC OS. The amdgpu driver is typically used for AMD GPU hardware support; in industrial contexts, this may be relevant for devices with graphical interfaces or GPU-accelerated processing capabilities. The out-of-bounds read suggests an array index validation issue where the code attempts to access an element before the start of the mc_data array when i equals 0.
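The indexing pattern described above, as an added illustration that is not the amdgpu driver's code: a table filler in which an entry may repeat the previous one, shown unchecked and with the missing bounds check. All function names, the descriptor values and the sample data are hypothetical and constructed for this example.

```c
#include <stddef.h>
#include <stdint.h>

/* Hypothetical per-entry descriptor: take a new word, or repeat the previous entry. */
enum { SRC_NEW_WORD = 0, SRC_SAME_AS_PREV = 1 };

/* Unchecked form: when kind[0] is SRC_SAME_AS_PREV it reads mc_data[-1]. */
void fill_unchecked(uint32_t *mc_data, int n,
                    const uint8_t *kind, const uint32_t *src)
{
    int j = 0;
    for (int i = 0; i < n; i++) {
        if (kind[i] == SRC_NEW_WORD)
            mc_data[i] = src[j++];
        else
            mc_data[i] = mc_data[i - 1];   /* i == 0 -> index -1 */
    }
}

/* Checked form: returns 0 on success, -1 on a malformed descriptor table. */
int fill_checked(uint32_t *mc_data, size_t n, const uint8_t *kind,
                 const uint32_t *src, size_t src_len)
{
    size_t j = 0;
    for (size_t i = 0; i < n; i++) {
        if (kind[i] == SRC_NEW_WORD) {
            if (j >= src_len)
                return -1;                 /* source words exhausted */
            mc_data[i] = src[j++];
        } else if (kind[i] == SRC_SAME_AS_PREV) {
            if (i == 0)
                return -1;                 /* no previous element exists */
            mc_data[i] = mc_data[i - 1];
        } else {
            return -1;                     /* unknown descriptor */
        }
    }
    return 0;
}

/* Constructed demo: buf[0] stands in for unrelated adjacent memory, so the
 * read "before the start" stays inside one array and is well defined here. */
uint32_t leaked_word(void)
{
    uint32_t buf[4] = { 0xDEADBEEFu, 0, 0, 0 };
    const uint8_t kind[3] = { SRC_SAME_AS_PREV, SRC_NEW_WORD, SRC_SAME_AS_PREV };
    const uint32_t src[1] = { 0x11u };
    fill_unchecked(buf + 1, 3, kind, src);
    return buf[1];                         /* entry 0 now holds the neighbour's value */
}
```

With the unchecked form, the value adjacent to the table ends up in entry 0; the checked form rejects the same descriptor table before any read takes place.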
Defensive priority
medium
Recommended defensive actions
- Review Siemens ProductCERT advisory SSA-355557 for detailed product impact and patch availability
- Verify SINEC OS version on affected Siemens devices (RUGGEDCOM RST2428P, SCALANCE XC/XR families)
- Apply vendor-provided firmware updates when available per Siemens security advisory
- Monitor CISA ICS advisories for additional guidance on industrial control system protections
- Implement network segmentation for industrial control systems per CISA recommended practices
- Assess exposure of affected devices to untrusted networks, as amdgpu driver vulnerabilities typically require local access or crafted workloads
Evidence notes
CVE description indicates out-of-bounds read in drm/amdgpu driver when accessing mc_data[i-1]. Siemens CSAF advisory SSA-355557 covers this CVE as a third-party component vulnerability in SINEC OS. CISA republished as ICSA-25-226-07. Advisory revision history shows multiple updates through 2026-02-25 clarifying affected products and removing rejected CVEs. Impact categorized as 'Misinformed' in CSAF threat data.
Official resources
- CVE-2024-46722 CVE record (CVE.org)
- CVE-2024-46722 NVD detail (NVD)
- Source item URL (cisa_csaf)
2025-08-12