PatchSiren cyber security CVE debrief
CVE-2024-46731 Siemens CVE debrief
CVE-2024-46731 describes an out-of-bounds read vulnerability in the Linux kernel's drm/amd/pm (AMD Power Management) subsystem. The flaw is an index calculation, i - 1U, that underflows when i equals zero, causing an access beyond the bounds of the mc_data[] array. The vulnerability was originally published in the Linux kernel context but appears in Siemens industrial control system advisories because of third-party component usage. The CISA ICS advisory ICSA-25-226-07, published 2025-08-12 and most recently modified 2026-02-25, tracks this CVE as part of Siemens' SINEC OS third-party component security assessment. Notably, the advisory's threat assessment categorizes the impact as 'Misinformed' for the affected product IDs, and the revision history records significant updates, including CVE removals and product scope clarifications, through February 2026. No CVSS score or severity rating is available in the source corpus. The vulnerability is not listed in CISA's Known Exploited Vulnerabilities (KEV) catalog.
- Vendor: Siemens
- Product: RUGGEDCOM RST2428P (6GK6242-6PA00)
- CVSS: Unknown
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2025-08-12
- Original CVE updated: 2026-02-25
- Advisory published: 2025-08-12
- Advisory updated: 2026-02-25
Who should care
Organizations operating Siemens industrial network infrastructure, including SINEC OS, SCALANCE XC/XR/XCM/XRM/XCH/XRH series switches, and RUGGEDCOM RST2428P devices; OT security teams managing Linux-based embedded systems with AMD graphics components; and infrastructure operators relying on CISA ICS advisories for third-party component risk tracking.
Technical summary
An integer underflow vulnerability exists in the AMD Power Management (drm/amd/pm) subsystem of the Linux kernel. When processing memory controller data, the code calculates an array index as i - 1U without validating that i is non-zero. When i equals 0, this calculation underflows to a large unsigned value, resulting in an out-of-bounds read from the mc_data[] array. This vulnerability affects systems with AMD GPUs running vulnerable Linux kernel versions. In the industrial control system context tracked by CISA and Siemens, this represents third-party component exposure in SINEC OS and related network infrastructure products. The vulnerability is classified with 'Misinformed' impact in the Siemens/CISA assessment, suggesting limited or context-dependent exploitability in the specific product configurations evaluated.
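The index arithmetic described above, as an added C illustration that is not the kernel's code: the mc_data table, its length and the function names are constructed for this example. It shows the unchecked computation wrapping to UINT_MAX when i is zero, next to a variant that rejects i == 0 and any index past the end of the table.

```c
/* Constructed illustration of the CVE-2024-46731 bug class: an unsigned
 * index computed as (i - 1U) wraps to UINT_MAX when i == 0, so a read of
 * mc_data[i - 1U] lands far outside the array.  Not the kernel's code. */
#include <limits.h>
#include <stdint.h>
#include <stdio.h>

#define MC_DATA_LEN 4U

/* Constructed stand-in for a memory-controller register table. */
static const uint32_t mc_data[MC_DATA_LEN] = { 0x10, 0x20, 0x30, 0x40 };

/* Mirrors the flawed arithmetic: no check that i is non-zero. */
unsigned int unchecked_prev_index(unsigned int i)
{
    return i - 1U;            /* i == 0 wraps to UINT_MAX */
}

/* Hardened variant: refuse i == 0 and any index past the table end.
 * Returns 1 and writes the previous entry on success, 0 otherwise. */
int read_prev_entry(unsigned int i, uint32_t *out)
{
    if (i == 0U || i > MC_DATA_LEN)
        return 0;             /* would underflow or overrun mc_data[] */
    *out = mc_data[i - 1U];
    return 1;
}

int main(void)
{
    uint32_t v;
    printf("unchecked index for i=0: %u (UINT_MAX is %u)\n",
           unchecked_prev_index(0U), UINT_MAX);
    for (unsigned int i = 0U; i <= MC_DATA_LEN + 1U; i++) {
        if (read_prev_entry(i, &v))
            printf("i=%u -> mc_data[%u] = 0x%x\n", i, i - 1U, v);
        else
            printf("i=%u rejected\n", i);
    }
    return 0;
}
```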
Defensive priority
medium
Recommended defensive actions
- Review Siemens ProductCERT advisory SSA-355557 for affected product configurations and patch availability
- Verify SINEC OS and related Siemens network component firmware versions against vendor security guidance
- Apply defense-in-depth controls per CISA ICS recommended practices for industrial control systems
- Monitor CISA ICS advisories for updates to ICSA-25-226-07 as product scope has changed in recent revisions
- Assess exposure of AMD GPU-dependent systems in OT environments where Linux-based components are deployed
Evidence notes
The source corpus indicates that this CVE originated in the Linux kernel drm/amd/pm subsystem (out-of-bounds read via underflow at i = 0). CISA ICS advisory ICSA-25-226-07 tracks it as a third-party component in Siemens SINEC OS. The threat assessment is marked 'Misinformed' for product IDs CSAFPID-0006, CSAFPID-0002 and CSAFPID-0003. The advisory underwent four revisions: initial publication (2025-08-12), product list correction (2026-02-12), configuration clarification and CVE removal (2026-02-24), and republication based on Siemens SSA-355557 (2026-02-25). No CVSS vector or score is present in the source. Not in KEV.
Official resources
- CVE-2024-46731 CVE record (CVE.org)
- CVE-2024-46731 NVD detail (NVD)
- Source item URL (cisa_csaf)