PatchSiren cyber security CVE debrief
CVE-2024-46814 Siemens CVE debrief
This CVE describes a vulnerability in the Linux kernel's AMD display driver (drm/amd/display) where a msg_id check is missing before processing a transaction. The vulnerability was originally published on 2025-08-12 and last modified on 2026-02-25. The source advisory (ICSA-25-226-07) was republished by CISA based on Siemens ProductCERT advisory SSA-355557. Notably, the source advisory marks the impact as 'Misinformed' for the listed Siemens products, indicating this CVE may have been incorrectly associated with or does not actually affect the RUGGEDCOM RST2428P and SCALANCE product families listed in the advisory. The advisory underwent multiple revisions, including corrections to affected products and removal of rejected CVEs. No CVSS score or severity is available in the source data.
- Vendor: Siemens
- Product: RUGGEDCOM RST2428P (6GK6242-6PA00)
- CVSS: Unknown
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2025-08-12
- Original CVE updated: 2026-02-25
- Advisory published: 2025-08-12
- Advisory updated: 2026-02-25
Who should care
Organizations running Linux systems with AMD graphics hardware should verify kernel patch status. Organizations managing the listed Siemens industrial networking products should note the 'Misinformed' classification and consult Siemens ProductCERT for clarification, as this CVE likely does not affect those products.
Technical summary
CVE-2024-46814 is a vulnerability in the Linux kernel's Direct Rendering Manager (DRM) AMD display driver subsystem. The issue involves insufficient validation where a msg_id check is not performed before processing a transaction. This could potentially allow improper handling of display driver messages. However, the CISA advisory ICSA-25-226-07 explicitly marks this CVE's impact as 'Misinformed' for the listed Siemens products (RUGGEDCOM RST2428P, SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family, and SCALANCE XCM-/XRM-/XCH-/XRH-300 family), suggesting the CVE was incorrectly associated with these industrial networking products. The underlying vulnerability appears to be a Linux kernel issue affecting AMD graphics subsystems rather than Siemens proprietary firmware.
Defensive priority
low
Recommended defensive actions
- Verify whether CVE-2024-46814 actually affects your specific product and version, as the source advisory marks impact as 'Misinformed' for listed Siemens products
- Consult the original Siemens ProductCERT advisory SSA-355557 for authoritative product-specific guidance
- If running Linux systems with AMD graphics, ensure kernel updates include the drm/amd/display fix for msg_id validation
- Apply standard ICS security practices including network segmentation and defense in depth for industrial control systems
- Monitor CISA ICS advisories for updates to ICSA-25-226-07
Evidence notes
The source CISA CSAF advisory ICSA-25-226-07 explicitly categorizes the impact for this CVE as 'Misinformed' for all listed product IDs (CSAFPID-0006, CSAFPID-0002, CSAFPID-0003). The advisory was republished on 2026-02-25 based on Siemens ProductCERT SSA-355557. The CVE description references a Linux kernel AMD display driver issue, which appears unrelated to the Siemens networking products listed.
Official resources
- CVE-2024-46814 CVE record (CVE.org)
- CVE-2024-46814 NVD detail (NVD)
- Source item URL (cisa_csaf)
- Source reference (Reference)
2025-08-12