PatchSiren cyber security CVE debrief
CVE-2024-49913 Siemens CVE debrief
CVE-2024-49913 is a null pointer dereference vulnerability in the AMD display driver subsystem (drm/amd/display), specifically in the `commit_planes_for_stream` function where a missing null check for `top_pipe_to_program` could lead to system instability. The vulnerability was published on August 12, 2025, and last modified on February 25, 2026. Siemens ProductCERT issued advisory SSA-355557 addressing this issue in their SINEC OS product line, with CISA republishing the advisory as ICSA-25-226-07. The vulnerability affects Siemens industrial networking products including RUGGEDCOM RST2428P and SCALANCE X-family switches running SINEC OS. The threat assessment categorizes impact as 'Misinformed' per the source advisory. No CVSS score or severity rating is available in the source corpus. The vulnerability is not listed in CISA's Known Exploited Vulnerabilities (KEV) catalog.
- Vendor: Siemens
- Product: RUGGEDCOM RST2428P (6GK6242-6PA00)
- CVSS: Unknown
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2025-08-12
- Original CVE updated: 2026-02-25
- Advisory published: 2025-08-12
- Advisory updated: 2026-02-25
Who should care
Organizations operating Siemens SCALANCE X-family switches, RUGGEDCOM RST2428P devices, or other SINEC OS-based industrial networking equipment should prioritize review of this advisory. System administrators responsible for OT/ICS network infrastructure, security teams managing industrial control system assets, and compliance personnel tracking CVE remediation for critical infrastructure environments should monitor vendor patch availability.
Technical summary
CVE-2024-49913 is a null pointer dereference vulnerability (CWE-476) in the Linux kernel's AMD display driver subsystem. The flaw exists in the `commit_planes_for_stream` function within `drivers/gpu/drm/amd/display/dc/core/dc.c` where `top_pipe_to_program` is dereferenced without a prior null check. This vulnerability affects Siemens industrial networking products running SINEC OS that incorporate the vulnerable kernel code. The issue was addressed through vendor security updates. The vulnerability is not known to be actively exploited and does not appear in the CISA KEV catalog.
Defensive priority
medium
Recommended defensive actions
- Review Siemens ProductCERT advisory SSA-355557 for detailed product-specific patch information and affected version ranges.
- Apply vendor-provided firmware updates for affected SCALANCE and RUGGEDCOM products as specified in the Siemens security advisory.
- Monitor CISA ICS advisories for updates to ICSA-25-226-07 regarding this vulnerability.
- Implement defense-in-depth strategies for industrial control systems per CISA recommended practices.
- Assess exposure of affected Siemens networking equipment to determine prioritization for patching activities.
Evidence notes
Source: CISA CSAF advisory ICSA-25-226-07, republished from Siemens ProductCERT SSA-355557. The vulnerability description indicates a null pointer dereference (CWE-476) in Linux kernel AMD display driver code. The advisory underwent three revisions: initial publication (2025-08-12), product list correction (2026-02-12), and configuration clarification with rejected CVE removal (2026-02-24), followed by CISA republication (2026-02-25).
Official resources
- CVE-2024-49913 CVE record (CVE.org)
- CVE-2024-49913 NVD detail (NVD)
- Source item URL (cisa_csaf)
- Source reference (Reference)
2025-08-12