PatchSiren cyber security CVE debrief

CVE-2024-49969 Siemens CVE debrief

CVE-2024-49969 describes an index out of bounds vulnerability in the DCN30 color transformation code within the AMD display driver (drm/amd/display). The vulnerability was published on 2025-08-12 and last modified on 2026-02-25. According to the CISA CSAF advisory ICSA-25-226-07, this CVE is categorized as **Misinformed** for the listed Siemens products: the products were initially assessed as affected, but the vulnerability does not actually affect them. The affected product list was corrected in a February 2026 revision, which moved the entries to the Known Not Affected Products category. No CVSS score or severity is available in the source data. This CVE is not listed in CISA's Known Exploited Vulnerabilities (KEV) catalog.

Vendor: Siemens
Product: RUGGEDCOM RST2428P (6GK6242-6PA00)
CVSS: Unknown
CISA KEV: Not listed in stored evidence
Original CVE published: 2025-08-12
Original CVE updated: 2026-02-25
Advisory published: 2025-08-12
Advisory updated: 2026-02-25

Who should care

Organizations operating Siemens RUGGEDCOM RST2428P, SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family, or SCALANCE XCM-/XRM-/XCH-/XRH-300 family industrial Ethernet switches should review this advisory to confirm that no action is required. Security teams maintaining vulnerability management programs for OT/ICS environments should update their risk registers to reflect the corrected 'not affected' status. Linux system administrators managing workstations with AMD DCN30-based GPUs should monitor kernel security updates from their distribution vendors for fixes to the underlying driver issue.

Technical summary

This CVE originates from the Linux kernel's AMD GPU display driver subsystem, specifically in the DCN30 (Display Core Next 3.0) color transformation implementation where an index out of bounds condition can occur. The vulnerability is in kernel-level graphics driver code unrelated to Siemens industrial networking equipment. CISA and Siemens have assessed this CVE as 'Misinformed' for the listed industrial products, meaning the vulnerability was incorrectly associated with these products and does not represent an actual security exposure. Organizations should rely on the Siemens ProductCERT SSA-355557 advisory for authoritative product-specific guidance.

Defensive priority

Low

Recommended defensive actions

  • Verify that RUGGEDCOM RST2428P and SCALANCE XC/XR/XCM/XRM/XCH/XRH family devices are running current firmware versions as recommended by Siemens ProductCERT
  • Review Siemens SSA-355557 for definitive product impact assessments
  • No patching action required for this CVE on Siemens equipment based on current vendor assessment
  • Apply general ICS security best practices including network segmentation and defense in depth for industrial control systems

Evidence notes

The source advisory ICSA-25-226-07 explicitly categorizes this CVE's impact as 'Misinformed' for the product IDs CSAFPID-0006, CSAFPID-0002, and CSAFPID-0003. The revision history shows corrections on 2026-02-12 and 2026-02-24 that moved products from affected to not affected status. The CVE description references an AMD display driver issue (drm/amd/display: index out of bounds in DCN30 color transformation), which is unrelated to Siemens industrial networking equipment.
