PatchSiren cyber security CVE debrief
CVE-2024-50049 Siemens CVE debrief
CVE-2024-50049 is a NULL pointer dereference in the Linux kernel's AMD GPU display driver (drm/amd/display): a pointer named 'se' is dereferenced without first being checked for NULL. A NULL dereference in kernel code produces a kernel oops or panic, so the realistic impact is system instability or denial of service rather than code execution. The issue reaches Siemens industrial networking products through the third-party Linux components those products incorporate. The CISA ICS advisory ICSA-25-226-07, published August 12, 2025, covers this CVE as part of a broader advisory on Siemens Third-Party Components in SINEC OS; it was republished on February 25, 2026 based on Siemens ProductCERT SSA-355557. The source CSAF document marks the threat for the affected product IDs as 'Misinformed', which signals that the CVE's applicability to those product configurations has been clarified or corrected since the original listing. Because the vulnerable code is a GPU display driver, its presence in a network appliance kernel cannot be assumed from the CVE description alone; organizations should consult the Siemens ProductCERT advisory for the definitive affected-product status and patch availability.
- Vendor
- Siemens
- Product
- RUGGEDCOM RST2428P (6GK6242-6PA00)
- CVSS
- Unknown
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2025-08-12
- Original CVE updated
- 2026-02-25
- Advisory published
- 2025-08-12
- Advisory updated
- 2026-02-25
Who should care
Organizations operating Siemens industrial networking equipment, in particular the RUGGEDCOM RST2428P, the SCALANCE XC-300/XR-300/XC-400/XR-500WG/XR-500 family, and the SCALANCE XCM-/XRM-/XCH-/XRH-300 family. Security teams responsible for industrial control system (ICS) infrastructure, and anyone tracking kernel-level vulnerabilities inherited through third-party components in embedded systems.
Technical summary
A NULL pointer dereference exists in the Linux kernel's AMD display driver (drm/amd/display): a pointer named 'se' is dereferenced without prior NULL validation. The vulnerable code is a GPU display driver, so on any given device the issue only matters if that driver is compiled into, or loadable by, the kernel the device actually runs; on a network switch that is a question to settle against the vendor's build, not against the CVE text. CISA advisory ICSA-25-226-07 tracks the issue for Siemens products with a threat assessment of 'Misinformed' for certain product configurations, which is why the actual affected status should be verified against Siemens ProductCERT SSA-355557 rather than inferred from the CVE alone.
Defensive priority
medium
Recommended defensive actions
- Review Siemens ProductCERT SSA-355557 for definitive affected product list and remediation guidance
- Verify kernel and firmware versions on affected Siemens industrial networking equipment, and confirm whether the AMD display driver code is part of that kernel build at all before treating a device as exposed
- Apply vendor-provided patches when available per Siemens advisory
- Monitor CISA ICS advisories for updates to ICSA-25-226-07
- Implement network segmentation for industrial control systems per CISA recommended practices
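The verification step above comes down to one question a practitioner can answer on any Linux host whose kernel config is exposed: is the AMD display core (drm/amd/display) in this build at all? The script below is an added example for this debrief, not code from CISA, Siemens or the kernel project. It assumes the config is readable as /proc/config.gz or /boot/config-$(uname -r), and that the relevant Kconfig symbols are CONFIG_DRM_AMDGPU (tristate) and CONFIG_DRM_AMD_DC (bool, the display core); the sample config and module listings in the usage below are constructed.

```shell
#!/bin/sh
# Added example, not code from the advisory or the kernel tree.
# Reports whether a Linux kernel build includes the AMD display core
# (drm/amd/display), the code in which CVE-2024-50049 lives.
# Assumptions: kernel config exposed as /proc/config.gz or
# /boot/config-$(uname -r); symbols CONFIG_DRM_AMDGPU (y/m/not set)
# and CONFIG_DRM_AMD_DC (y/not set) select the driver and its display core.

# amd_dc_status CONFIG_FILE
# Prints "builtin", "module", "absent" or "unreadable"; returns 0 when the
# display core is present in the build, 1 when absent, 2 when unreadable.
amd_dc_status() {
    cfg="$1"
    if [ ! -r "$cfg" ]; then
        echo unreadable
        return 2
    fi
    # /proc/config.gz is gzip-compressed; /boot/config-* is plain text.
    case "$cfg" in
        *.gz) reader="gzip -dc" ;;
        *)    reader="cat" ;;
    esac
    # Extract the value after '='; a disabled symbol appears as
    # '# CONFIG_FOO is not set' and therefore yields an empty string.
    gpu=$($reader "$cfg" | sed -n 's/^CONFIG_DRM_AMDGPU=//p')
    dc=$($reader "$cfg" | sed -n 's/^CONFIG_DRM_AMD_DC=//p')
    # The display core only exists when amdgpu is built AND DC is enabled.
    if [ "$dc" != "y" ]; then
        echo absent
        return 1
    fi
    case "$gpu" in
        y) echo builtin; return 0 ;;
        m) echo module;  return 0 ;;
        *) echo absent;  return 1 ;;
    esac
}

# amdgpu_loaded MODULES_FILE
# Returns 0 if amdgpu appears in a /proc/modules-style listing, 1 otherwise.
# Only meaningful when amd_dc_status reports "module".
amdgpu_loaded() {
    grep -q '^amdgpu ' "$1" 2>/dev/null
}

# running_kernel_config
# Prints the running kernel's config path, or returns 1 if none is exposed.
running_kernel_config() {
    if [ -r /proc/config.gz ]; then
        echo /proc/config.gz
    elif [ -r "/boot/config-$(uname -r)" ]; then
        echo "/boot/config-$(uname -r)"
    else
        return 1
    fi
}

# Stand-alone use: report on the host this script runs on.
if cfg=$(running_kernel_config); then
    status=$(amd_dc_status "$cfg" || true)
    printf 'kernel %s: AMD display core %s\n' "$(uname -r)" "$status"
    if [ "$status" = "module" ] && amdgpu_loaded /proc/modules; then
        echo 'amdgpu module is currently loaded'
    fi
else
    echo 'kernel config not exposed on this host; rely on the vendor firmware notes' >&2
fi
```

A result of "absent" means the vulnerable code is not in that kernel and the CVE is moot for the host regardless of version; "module" means the code ships but only matters if the module can be loaded, which a display-less appliance normally has no reason to do. On Siemens appliances where no shell is available, the same question is answered by SSA-355557 rather than by this script.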
Evidence notes
Source: CISA CSAF advisory ICSA-25-226-07. The CVE description indicates a NULL pointer dereference in the drm/amd/display subsystem. Threat category marked as 'Misinformed' for product IDs CSAFPID-0006, CSAFPID-0002 and CSAFPID-0003. Advisory revised February 25, 2026 based on Siemens SSA-355557.
Official resources
- CVE-2024-50049 CVE record (CVE.org)
- CVE-2024-50049 NVD detail (NVD)
- Source item (cisa_csaf): CISA CSAF advisory ICSA-25-226-07
2025-08-12