PatchSiren cyber security CVE debrief
CVE-2024-50040 Siemens CVE debrief
A vulnerability in the Linux kernel's igb (Intel Gigabit Ethernet) driver could allow an attacker to cause a denial-of-service condition. The issue occurs when the driver incorrectly brings the device back up after a non-fatal error, potentially leading to system instability or network disruption. This affects Siemens industrial networking products that incorporate the vulnerable kernel component.
- Vendor: Siemens
- Product: RUGGEDCOM RST2428P (6GK6242-6PA00)
- CVSS: MEDIUM 6.2
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2024-04-09
- Original CVE updated: 2026-05-14
- Advisory published: 2024-04-09
- Advisory updated: 2026-05-14
Who should care
Organizations operating Siemens industrial networking infrastructure, particularly in critical infrastructure and manufacturing environments. System administrators responsible for RUGGEDCOM and SCALANCE device fleets. OT security teams monitoring for Linux kernel vulnerabilities in embedded industrial systems.
Technical summary
The vulnerability exists in the igb (Intel Gigabit Ethernet) network driver within the Linux kernel. When a non-fatal PCIe error occurs, the driver incorrectly attempts to bring the network device back up, which can lead to undefined behavior and system instability. The weakness is classified as CWE-390: Detection of Error Condition Without Action. The CVSS 3.1 vector indicates a local attack vector with low attack complexity, requiring no privileges or user interaction, with a high impact on availability and none on confidentiality or integrity. Affected Siemens products include RUGGEDCOM RST2428P (6GK6242-6PA00), the SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family, and the SCALANCE XCM-/XRM-/XCH-/XRH-300 family. Remediation is to update to firmware version V3.2 or later.
Defensive priority
medium
Recommended defensive actions
- Apply vendor-provided firmware updates to V3.2 or later for affected RUGGEDCOM and SCALANCE products
- For SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family, consult Siemens ProductCERT advisory SSA-355557 for specific configuration guidance
- Implement network segmentation for industrial control systems to limit exposure of affected devices
- Monitor for anomalous network behavior or unexpected device resets on affected systems
- Follow CISA ICS recommended practices for defense-in-depth strategies
Evidence notes
The vulnerability is documented in CISA ICS advisory ICSA-25-226-07, which references Siemens ProductCERT advisory SSA-355557. The issue was resolved in the Linux kernel by preventing the igb driver from bringing the device up after non-fatal errors. Siemens has confirmed affected products include RUGGEDCOM RST2428P and SCALANCE networking device families.
Official resources
- CVE-2024-50040 CVE record (CVE.org)
- CVE-2024-50040 NVD detail (NVD)
- Source item URL (cisa_csaf)
- Source reference (Reference)
2025-08-12