PatchSiren cyber security CVE debrief
CVE-2024-46829 Siemens CVE debrief
CVE-2024-46829 is a medium-severity vulnerability (CVSS 5.5) in the Linux kernel's rtmutex subsystem affecting Siemens industrial networking products. The flaw occurs in rt_mutex_handle_deadlock(), which is called with rt_mutex::wait_lock held. In deadlock scenarios, the function emits a warning and enters an endless scheduling loop while still holding the lock, triggering a 'scheduling in atomic' warning. The fix requires unlocking rt_mutex::wait_lock before issuing the warning and entering the scheduling loop. This vulnerability was published on August 12, 2025, and last modified on February 25, 2026. Siemens has issued security advisory SSA-355557 addressing this issue. Affected products include RUGGEDCOM RST2428P switches and multiple SCALANCE industrial Ethernet switch families. Remediation involves updating affected devices to firmware version 3.2 or later. The vulnerability requires local access with low privileges to exploit, with no user interaction needed, and results in high availability impact through denial of service.
- Vendor
- Siemens
- Product
- RUGGEDCOM RST2428P (6GK6242-6PA00)
- CVSS
- MEDIUM 5.5
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2025-08-12
- Original CVE updated
- 2026-02-25
- Advisory published
- 2025-08-12
- Advisory updated
- 2026-02-25
Who should care
Organizations operating Siemens RUGGEDCOM RST2428P industrial switches or SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 and XCM-/XRM-/XCH-/XRH-300 family industrial Ethernet switches in critical infrastructure environments. OT security teams, network administrators, and asset owners in manufacturing, energy, transportation, and other industrial sectors relying on these devices for network connectivity should prioritize firmware updates.
Technical summary
The vulnerability exists in the Linux kernel's real-time mutex (rtmutex) implementation. The function rt_mutex_handle_deadlock() acquires rt_mutex::wait_lock but fails to release it in deadlock error paths. When a deadlock is detected, the function emits a warning and enters an infinite scheduling loop while still holding the spinlock, violating atomic context constraints and triggering kernel warnings. The proper fix unlocks the wait_lock before the warning and schedule loop. This represents a classic locking error pattern where error handling paths fail to maintain lock state invariants. The vulnerability is exploitable locally with low privileges and results in denial of service through system instability.
Defensive priority
medium
Recommended defensive actions
- Update affected Siemens RUGGEDCOM RST2428P and SCALANCE switch families to firmware version 3.2 or later per vendor guidance
- Review Siemens ProductCERT advisory SSA-355557 for specific configuration guidance on SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family deployments
- Apply defense-in-depth strategies for industrial control systems including network segmentation and access controls
- Monitor for anomalous system behavior indicative of rtmutex deadlock conditions on affected devices
- Validate firmware versions through Siemens Industry Online Support portal before and after remediation
- resourceLinkAnnotations: [ref-4, ref-5, ref-6, ref-8, ref-9]
Evidence notes
Vulnerability description and affected products confirmed through CISA CSAF advisory ICSA-25-226-07, which references Siemens ProductCERT advisory SSA-355557. CVSS vector AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H indicates local attack vector with low attack complexity and privileges required, resulting in high availability impact. Remediation guidance specifies firmware update to V3.2 or later for affected RUGGEDCOM and SCALANCE products.
Official resources
-
CVE-2024-46829 CVE record
CVE.org
-
CVE-2024-46829 NVD detail
NVD
-
Source item URL
cisa_csaf
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
-
Source reference
Reference
2025-08-12