PatchSiren cyber security CVE debrief
CVE-2024-47757 Siemens CVE debrief
CVE-2024-47757 is a potential out-of-bounds (OOB) read in the Linux kernel's nilfs2 filesystem, in nilfs_btree_check_delete(). Before deleting a B-tree entry, the function fetches the node's maximum key at index nchildren - 1; if the root node reports zero children, the index becomes -1 and the read lands outside the key array in the block buffer. nilfs2 and mkfs.nilfs2 never create a root with zero children, so the condition is only reachable when a crafted or corrupted on-disk image is mounted. The CVE was assigned against the Linux kernel and reaches Siemens industrial products only through their inclusion of the kernel as a third-party component. CISA republished the Siemens advisory on 2025-08-12 and updated it through 2026-02-25, with corrections to the affected-product list and removal of rejected CVEs. The source advisory (ICSA-25-226-07) marks the impact as 'Misinformed' for the listed Siemens products, which suggests the entry may be misattributed or of limited applicability to those devices. No CVSS score or severity rating is present in the source corpus. Organizations should confirm whether their SCALANCE or RUGGEDCOM firmware actually includes nilfs2 and follow the vendor guidance.
- Vendor: Siemens
- Product: RUGGEDCOM RST2428P (6GK6242-6PA00)
- CVSS: Unknown
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2025-08-12
- Original CVE updated: 2026-02-25
- Advisory published: 2025-08-12
- Advisory updated: 2026-02-25
Who should care
Organizations operating the Siemens SCALANCE industrial Ethernet switch families named in the advisory, RUGGEDCOM RST2428P devices, or other listed products whose firmware is built on a Linux kernel that may include nilfs2 filesystem support.
Technical summary
nilfs_btree_check_delete() runs before a B-tree entry is deleted to decide whether the tree will degenerate to a direct mapping. It reads the maximum key of the node at index nchildren - 1 without first checking that nchildren is non-zero; a root node read from disk with a child count of zero therefore yields index -1 and an out-of-bounds read from the block buffer. The upstream fix adds a check for that case. Because nilfs2 never produces such a root itself, triggering the bug requires mounting a crafted or corrupted nilfs2 volume, and a device whose kernel neither builds in nor loads nilfs2 is not exposed. The vulnerability reaches Siemens industrial networking products only through the Linux kernel as a third-party component, and the CISA advisory marks the impact as 'Misinformed' for the listed product IDs, indicating possible misattribution or limited applicability to those configurations.
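The following C model of the bug is an added example for this debrief; it is not code from the Linux kernel, nilfs2, or any Siemens source. The node layout, field names and accessor are simplified assumptions loosely modelled on the kernel's nilfs_btree_node, and the key accessor is instrumented to count out-of-range reads instead of dereferencing them. It shows the unchecked "maximum key at nchildren - 1" pattern turning a zero child count into index -1, beside the hardened form that rejects an empty root before touching the key array.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Simplified stand-in for an on-disk nilfs2 B-tree node: a small header
 * followed by the key array inside a fixed-size block buffer. Layout and
 * field names are assumptions for illustration, loosely modelled on the
 * kernel's struct nilfs_btree_node; this is not the real on-disk format. */
#define MAX_KEYS 8

struct btree_node {
    uint8_t  bn_flags;
    uint8_t  bn_level;
    uint16_t bn_nchildren;    /* number of keys/children in this node */
    uint32_t bn_pad;
    uint64_t keys[MAX_KEYS];  /* valid entries are [0, bn_nchildren) */
};

/* Counter of reads that landed outside the key array. */
static int oob_reads;

/* Instrumented key accessor. The kernel's accessor does no range check and
 * simply dereferences keys[index]; here an out-of-range index is counted
 * and a dummy value returned so the program stays well-defined. */
static uint64_t node_get_key(const struct btree_node *node, int index)
{
    if (index < 0 || index >= MAX_KEYS) {
        oob_reads++;
        return 0;
    }
    return node->keys[index];
}

/* Vulnerable pattern: read the maximum key at nchildren - 1 without first
 * checking that nchildren is non-zero. bn_nchildren is unsigned, but the
 * subtraction promotes to int, so a zero count yields index -1. */
static uint64_t max_key_unchecked(const struct btree_node *root)
{
    return node_get_key(root, root->bn_nchildren - 1);
}

/* Hardened pattern: a root with no entries is rejected before any key
 * access, which is the kind of check the upstream fix adds. */
static int max_key_checked(const struct btree_node *root, uint64_t *maxkey)
{
    if (root->bn_nchildren == 0)
        return -1;
    *maxkey = node_get_key(root, root->bn_nchildren - 1);
    return 0;
}

/* Build a root node as a crafted image could present it: the header
 * claims zero children. Normal nilfs2 never writes such a root. */
static struct btree_node crafted_empty_root(void)
{
    struct btree_node root;
    memset(&root, 0, sizeof root);
    root.bn_level = 1;
    root.bn_nchildren = 0;
    return root;
}

/* Number of out-of-bounds reads the unchecked path performs on a crafted
 * empty root. */
int crafted_root_oob_reads(void)
{
    struct btree_node root = crafted_empty_root();
    oob_reads = 0;
    (void)max_key_unchecked(&root);
    return oob_reads;
}

/* 1 if the hardened path rejects the crafted root without any
 * out-of-bounds access, 0 otherwise. */
int checked_path_rejects_crafted_root(void)
{
    struct btree_node root = crafted_empty_root();
    uint64_t maxkey = 0;
    oob_reads = 0;
    return max_key_checked(&root, &maxkey) == -1 && oob_reads == 0;
}

/* The hardened path still returns the correct maximum key for a
 * well-formed root with three entries. */
uint64_t checked_path_max_key_valid_root(void)
{
    struct btree_node root;
    uint64_t maxkey = 0;
    memset(&root, 0, sizeof root);
    root.bn_nchildren = 3;
    root.keys[0] = 10; root.keys[1] = 20; root.keys[2] = 30;
    if (max_key_checked(&root, &maxkey) != 0)
        return 0;
    return maxkey;
}

int main(void)
{
    printf("unchecked path on crafted root: %d OOB read(s)\n",
           crafted_root_oob_reads());
    printf("checked path rejects crafted root: %s\n",
           checked_path_rejects_crafted_root() ? "yes" : "no");
    printf("checked path max key of valid root: %llu\n",
           (unsigned long long)checked_path_max_key_valid_root());
    return 0;
}
```

In the real kernel the root node lives in the inode's bmap rather than a standalone buffer, so index -1 reads whatever precedes the key array there; the point of the model is that the only input an attacker controls is the child count in the on-disk header, which is why the fix is a bounds check on that count rather than anything in the accessor.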
Defensive priority
medium
Recommended defensive actions
- Verify whether deployed Siemens SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family, SCALANCE XCM-/XRM-/XCH-/XRH-300 family, or RUGGEDCOM RST2428P systems include the nilfs2 filesystem component (for a kernel you can inspect, that means CONFIG_NILFS2_FS set to y or m, or a nilfs2 module shipped in the firmware)
- Review Siemens ProductCERT advisory SSA-355557 for authoritative product-specific guidance
- Apply vendor-provided patches or configuration guidance when available
- Monitor CISA ICS advisories for updates to ICSA-25-226-07
- Implement defense-in-depth strategies per CISA ICS recommended practices for industrial control systems
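The first action above, confirming whether nilfs2 is actually present, can be automated on any Linux host or extracted firmware root you can inspect. The C program below is an added example for this debrief, not Siemens or CISA tooling: it parses the /proc/filesystems format (last tab-separated field is the filesystem name, "nodev" marks pseudo-filesystems) and the kernel .config format (CONFIG_NILFS2_FS=y, =m, or "is not set"). The sample texts are constructed and not captured from any Siemens device; the live /proc/filesystems read is optional and skipped where the file is unreadable.

```c
#include <stdio.h>
#include <string.h>

/* Constructed sample of /proc/filesystems: one registered filesystem per
 * line, "nodev" in the first column for pseudo-filesystems. Not captured
 * from any Siemens device. */
static const char SAMPLE_PROC_FILESYSTEMS[] =
    "nodev\tsysfs\n"
    "nodev\tproc\n"
    "\text4\n"
    "\tsquashfs\n"
    "\tnilfs2\n";

/* Constructed sample of a kernel .config fragment. */
static const char SAMPLE_KERNEL_CONFIG[] =
    "# CONFIG_JFFS2_FS is not set\n"
    "CONFIG_SQUASHFS=y\n"
    "CONFIG_NILFS2_FS=m\n";

/* Returns 1 if `name` is registered in /proc/filesystems-format `text`.
 * The name is the last tab-separated field of each line, so "nodev"
 * itself never matches. */
int fs_registered(const char *text, const char *name)
{
    size_t nlen = strlen(name);
    const char *line = text;

    while (*line) {
        const char *end = strchr(line, '\n');
        size_t len = end ? (size_t)(end - line) : strlen(line);
        const char *tab = memchr(line, '\t', len);
        const char *field = tab ? tab + 1 : line;
        size_t flen = len - (size_t)(field - line);

        if (flen == nlen && memcmp(field, name, nlen) == 0)
            return 1;
        if (!end)
            break;
        line = end + 1;
    }
    return 0;
}

/* Returns 'y' (built in), 'm' (module) or 'n' (not set or absent) for a
 * CONFIG_ option in kernel .config-format text. Commented-out
 * "# CONFIG_X is not set" lines never match because they start with '#'. */
char kconfig_state(const char *text, const char *option)
{
    size_t olen = strlen(option);
    const char *line = text;

    while (*line) {
        const char *end = strchr(line, '\n');
        /* Require "OPTION=" so CONFIG_NILFS2_FS does not match a longer
         * option sharing the prefix. */
        if (strncmp(line, option, olen) == 0 && line[olen] == '=') {
            char v = line[olen + 1];
            return (v == 'y' || v == 'm') ? v : 'n';
        }
        if (!end)
            break;
        line = end + 1;
    }
    return 'n';
}

/* Reads the live /proc/filesystems into buf; returns 1 on success, 0 if
 * it cannot be read (non-Linux host, restricted container, and so on). */
static int read_proc_filesystems(char *buf, size_t size)
{
    FILE *f = fopen("/proc/filesystems", "r");
    size_t n;
    if (!f)
        return 0;
    n = fread(buf, 1, size - 1, f);
    fclose(f);
    buf[n] = '\0';
    return 1;
}

int main(void)
{
    char live[4096];

    printf("sample: nilfs2 registered=%d, CONFIG_NILFS2_FS=%c\n",
           fs_registered(SAMPLE_PROC_FILESYSTEMS, "nilfs2"),
           kconfig_state(SAMPLE_KERNEL_CONFIG, "CONFIG_NILFS2_FS"));

    if (read_proc_filesystems(live, sizeof live))
        printf("this host: nilfs2 currently registered=%d\n",
               fs_registered(live, "nilfs2"));
    else
        printf("this host: /proc/filesystems not readable\n");
    return 0;
}
```

A caveat when reading the result: /proc/filesystems only lists filesystems that are built in or already loaded. A nilfs2 module sitting under /lib/modules is absent from that list until something mounts a nilfs2 volume and triggers autoloading, so an absent entry is not proof of absence; the kernel config or the module tree is the authoritative check. Siemens switches do not normally expose a shell, so for those devices this applies to an extracted firmware image if you have one, and otherwise the vendor advisory SSA-355557 is the only reliable source.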
Evidence notes
Source CISA CSAF advisory ICSA-25-226-07 republished 2026-02-25 based on Siemens ProductCERT SSA-355557. Impact marked 'Misinformed' for affected product IDs CSAFPID-0006, CSAFPID-0002, CSAFPID-0003. No CVSS vector present in source.
Official resources
- CVE-2024-47757 CVE record (CVE.org)
- CVE-2024-47757 NVD detail (NVD)
- Source item: cisa_csaf (CISA CSAF advisory ICSA-25-226-07)
2025-08-12